Digital Forensics
Application Password Crackers
The objective of this exercise is to crack the password of a zip or rar file with Archive Password Recovery. Confidential data is always protected with security controls such as a password, and a forensic investigator should be able to crack this password.
Load Processes Using SPE
The objective of this exercise is to learn how to analyze the context of loaded processes using Sysinternals Process Explorer and find which DLLs a process has loaded into memory. You then determine the properties of that process and its DLLs, and find out which ports are opened by a target process.
DumpIt and FTK Imager
The objective of this exercise is to learn how to capture a RAM image using DumpIt and FTK Imager. Once the RAM image is captured, volatile data is preserved. The forensic investigator then analyzes the image with Volatility to find credentials, system hashes, registry configurations, processes, dynamic link libraries and the ports opened by each process. A forensic investigator should know how to capture a RAM image, and this exercise ensures that.
EASEUS Data Recovery
The objective of this exercise is to learn how to perform file and partition recovery with EASEUS Data Recovery. Files and partitions are often deleted, intentionally or unintentionally, and sometimes the hard disk is formatted to hide artifacts. Through this exercise you can learn how to recover such data.
Steganography and Image FF
The objective of this exercise is to learn how to analyze image file headers using Hex Workshop. Each file type has a different file header, so if an attacker changes the file extension, the forensic investigator should be able to recognize the file type by analyzing the file header.
Web Application Security
Server-Side JavaScript (SSJS) Web Shell Injection
The objective of this exercise is to understand how vulnerabilities in Node.js applications allow Server-Side JavaScript (SSJS) injection. See advisory CVE-2014-7205, discovered in the Bassmaster plugin, which allows arbitrary JavaScript injection. This demo application allows only a single user input selection to keep things simple.
Preventing SQL Injection with Parameterized Queries
The objective of this exercise is to parameterize SQL queries for better performance, high efficiency and prevention of SQL injection vulnerabilities. Before going further, let us have a brief introduction to SQL injection.