File Analysis with CyberChef

by Owen Dubiel

When performing security investigations on suspicious activity within your network, there may be times when you need to dig a bit deeper into encoded files or malicious registry entries to determine if they are truly nefarious. In this course, you will learn secure cryptography forensic techniques using CyberChef.

What you'll learn

Using CyberChef, you will be able to effectively validate the intent of suspicious files on a local host that may be malicious. This includes identifying a credential dump, URL redirection, or autostart files. In this course, File Analysis with CyberChef, you'll learn how to protect against prevalent attack techniques in an enterprise environment. The course focuses on using CyberChef, a powerful tool for forensic investigation of specific tactics, including credential dumping (T1003), browser bookmark discovery (T1217), and boot or logon autostart execution (T1547). By understanding CyberChef and its main functions, you'll apply practical techniques to effectively verify these attack types through file analysis. Upon completion of the course, you'll have the skills and knowledge to proactively protect against, detect, and respond to credential dumping, browser bookmark discovery, and boot or logon autostart execution within an enterprise environment.

About the author

Owen is a security practitioner at heart, who also enjoys being able to teach others about cyber security best practices and techniques. He has recently found that doing online teaching has been one of the most fulfilling experiences in his working life. He loves being able to spread the good word of security to any and all that are willing to learn it!
