Surviving Encryption: Cryptanalysis
4.5 (5 ratings)
Instead of using a simple lifetime average, Udemy calculates a course's star rating by considering a number of different factors such as the number of ratings, the age of ratings, and the likelihood of fraudulent ratings.
357 students enrolled
Wishlisted Wishlist

Please confirm that you want to add Surviving Encryption: Cryptanalysis to your Wishlist.

Add to Wishlist

Surviving Encryption: Cryptanalysis

The open-source approach
4.5 (5 ratings)
Instead of using a simple lifetime average, Udemy calculates a course's star rating by considering a number of different factors such as the number of ratings, the age of ratings, and the likelihood of fraudulent ratings.
357 students enrolled
Created by Michael Leclair
Last updated 3/2014
English
Price: $150
30-Day Money-Back Guarantee
Includes:
  • 4.5 hours on-demand video
  • Full lifetime access
  • Access on mobile and TV
  • Certificate of Completion
What Will I Learn?
  • Examining protected files
  • Resources for dictionary attack word lists
  • Creating wordlists from websites
  • Creating wordlists from memory or image files
  • Creating custom permutated word lists
  • Memory extraction
  • Resources for Rainbow tables
  • Creating rainbow tables
  • Attacking Windows User Passwords
  • Attacking Mac User Passwords
  • Attacking Mac DMG files
  • Attacking Mac Keychains
  • Recovering stored internet passwords on PCs
  • Overcoming passwords on live & encrypted systems
  • Using John the Ripper
  • Attacking password hashes
  • Using Hashcat (GUI Version)
  • Using Inception
  • Using Volatility
View Curriculum
Requirements
  • Computer forensic analysis experience
  • IT experience
  • Working knowledge of how encryption works
Description

All SDF courses may now be found at SUMURI.COM. This course will remain live in UDEMY for existing students.

This class reviews decryption analysis tools from the open source community. There are plenty of no cost or low cost decryption solutions available to the forensic examiner. The problem is they are scattered and it would take significant time for any one person to research and test just a few. SUMURI has done the work for you and put together training featuring some of the best open source tools available. Students will learn how to build different types of word lists for dictionary attacks, how to create rainbow tables, tools for attacking Windows and Mac user passwords, attacking Mac keychains, recovering Internet passwords from Windows systems, and attacking password hashes. Topics will also include using open source tools such as Inception, John the Ripper, Hashcat, and more.

Who is the target audience?
  • Computer forensic analysts
  • IT professionals
  • Investigators
Students Who Viewed This Course Also Viewed
Curriculum For This Course
Expand All 40 Lectures Collapse All 40 Lectures 04:38:54
+
Welcome & Introduction
3 Lectures 22:51

Welcome to Surviving Encryption: Cryptanalysis. Please download the manual available in this module. Each practical may contain files for you to download.

Preview 11:34

In this practical we will look at the differences and similarities between three files.

Practical 01 Comparing Protected Files Part 1
01:09

Comparing Protected Files Quiz
3 questions

In this practical we will look at the differences and similarities between three files.

Practical 01 Comparing Protected Files Part 2
10:08
+
Dictionaries, Word Lists & Rainbow Tables
8 Lectures 01:20:06

Dictionary attacks are one the best best attack vectors you have as an analyst. In this lesson we will look at some online resources for word lists.

Lesson 02 Resources for Existing Wordlists for Dictionary Attacks
05:38

RSMangler is a freely available Mac and Linux based tool that creates per-mutated word lists based on the terms you supply. It is amazingly simple to use and a fantasic resource.

Practical 03 RSMangler: Creating a Per-mutated Custom Dictionary
07:37

In this practical you will learn how to create a word list based on a web site in a few easy steps. This is ideal for when you want to build a custom word list based on the interests of the target.

Practical 04 Creating Wordlist from a Website using WinHTTrack & Bulk Extractor
14:01

In this lesson you will learn how to take a memory file and use it to produce a dictionary.

Practical 05 Creating Word Lists from Memory and Image Files using Bulk Extracto
10:55

In this lesson we will learn how to test Mac swap and sleepimage files in order to determine their value as sources to produce word lists. The benefit of these files changes which each version of the operating system so testing and validating is important.

Practical 06 Mac Swap Files & Sleep Images
13:10

In this lesson we will go over an option to image memory from a Mac and talk about some inherent limitations.

Practical 07 Mac Memory Extraction OS 10.4 - 10.8
06:17

This is a short discussion on the limitations of imaging RAM in OS 10.9.

Lesson 08 Mac Memory Extraction 10.9
01:38

In this practical you will be introduced to a Windows tool you can use to create your own custom rainbow tables.

Practical 09 Creating Rainbow Tables
20:50
+
Decryption Tools: User Login Passwords
2 Lectures 28:49

In this practical we will take a look at cracking Windows SAM files to harvest user login passwords.

Practical 10 Windows User Passwords (SAM Files)
16:09

In this practical we will take a look at how to attack Mac user login passwords.

Practical 11 Mac User Passwords: DaveGrohl
12:40

User Login Passwords Quiz
2 questions
+
Decryption Tools: Mac Files
2 Lectures 20:27

In this practical we will take a look at protected DMG files.

Practical 12 Mac Encrypted DMG Files & CrobarDMG
09:54

In this practical we will take a look what is stored in Mac Keychain files and how to break them.

Practical 13 Mac Keychain Files
10:33

Mac Files Quiz
6 questions
+
Decryption Tools: Inception
1 Lecture 07:34

In this practical you will learn how to use Inception to bypass a user's login password. Note that there are no downloads for this exercise. You may download Paladin from Sumuri.com and use the boot disc to try to exercise- Inception is pre-installed on it. Try this on two test systems, virtual machines may not work.

Practical 14 Inception
07:34
+
Decrytpion Tools: Volatility
5 Lectures 25:35

This in an extra to show you how to use Virtualbox and Paladin to create a a forensic virtual machine you may use for some of the practicals.

Practical 15 Building a Paladin Forensic Virtual Machine
08:31

In this practical you will learn how to use Volatility to extract user names and password hashes from memory files.

Practical 15 Volatility Part 1
06:49

Practical 15 Volatility Part 2
03:30

Practical 15 Volatility Part 3
03:02

Practical 15 Volatility Part 4
03:43
+
Decryption Tools: John the Ripper
6 Lectures 29:11

In this practical we are going break passwords using John the Ripper.

Practical 16 John the Ripper on a PC Part 1
05:04

Practical 16 John the Ripper on a PC Part 2
06:07

Practical 16 John the Ripper on a PC Part 3
05:51

Practical 16 John the Ripper on a PC Part 4
03:09

Practical 16 John the Ripper on a PC Part 5
03:04

Practical 16 John the Ripper on a PC Part 6
05:56
+
Decryption Tools: Internet Passwords
1 Lecture 11:05

In this practical we will be looking at a way to obtain passwords that are strored in web browsers.

Practical 17 Recovering Stored Internet Passwords
11:05
+
Decryption Tools: Hashcat
11 Lectures 52:42

Hashcat is one of the best free tools available for password hash attacks. In these practicals you will learn how to use Hashcat (CPU version) using a GUI.

Practical 18A Hashcat Part 1
14:18

Practical 18A Hashcat Part 2
05:09

Practical 18A Hashcat Part 3
02:26

Practical 18A Hashcat Part 4
01:29

Practical 18A Hashcat Part 5
02:06

Practical 18A Hashcat Part 6
02:46

Practical 18A Hashcat Part 7
04:11

Practical 18A Hashcat Part 8
06:11

Practical 18A Hashcat Part 9
01:50

Practical 18B Hashcat: Mac User Hashes
09:02

Practical 18C Hashcat: Windows User Hashes
03:14
+
Conclusion
1 Lecture 00:34

Thank you for choosing Sumuri!

Check out other classes at http://sumuri.com/training/surviving-digital-forensics/

Follow me on Twitter @LeclairDF to get the latest happenings.

Check out our Blog at http://sumuri.com/about/news/

Check out our Youtube channel https://www.youtube.com/user/SumuriNews

Conclusion
00:34
About the Instructor
Michael Leclair
4.5 Average rating
311 Reviews
2,251 Students
15 Courses
Computer Forensic Analyst

Over twelve years of experience as a Computer Forensic Analyst, author and developer of computer forensic training and analysis tools. Specialties include: Windows forensics, Mac forensics, iOS forensics, Mac Server forensics & mobile device forensics. Creator of the "Surviving Digital Forensics" series and part of SUMURI's RECON for Mac OS X development team.

Certifications include: CFCE, CISSP, CCE, EnCE, A+, Network+

Regularly instruct law enforcement, government and corporate investigators both nationally and internationally in computer forensics.