CAST EC-Council
EC-Council
CAST CENTER FOR ADVANCEDSECURITY TRAINING
Make The Difference
CAST 612Advanced Mobile Hacking & Forensics
CAST EC-Council CAST EC-CouncilCAST EC-Council
The rapidly evolving information security landscape now requires professionals to stay up to date on the latest security technologies, threats and remediation strategies. CAST was created to address the need for quality advanced technical training for information security professionals who aspire to acquire the skill sets required for their job functions. CAST courses are advanced and highly technical training programs co-developed by EC-Council and well-respected industry practitioners or subject matter experts. CAST aims to provide specialized training programs that will cover key information security domains, at an advanced level.
About EC-CouncilCenter of AdvancedSecurity Training(CAST)
CAST EC-Council CAST EC-CouncilCAST EC-Council
Digital Mobile Forensics is fast becoming a lucrative and constantly evolving �eld, this is no surprise as the mobile phone industry has been witnessing some unimaginable growth, some experts say it may even replace the Computer for those only wishing to send and receive emails. As this area of digital forensics grow in scope and size due to the prevalence and proliferation of mobile devices and as the use of these devices grows, more evidence and information important to investigations will be found on them. To ignore examining these devices would be negligent and result in incomplete investigations. This growth has now presented new and growing career opportunities for interested practitioners in corporate, enforcement, and military settings. Mobile forensics is certainly here to stay as every mobile device is di�erent and di�erent results will occur based on that device requiring unique expertise. This course was put together focusing on what today’s Mobile Forensics practitioner requires, some of the advanced areas this course will be covering are the intricacies of manual Acquisition (physical vs. logical) & advanced analysis using reverse engineering , understanding how the popular Mobile OSs are hardened to defend against common attacks and exploits.
Advanced Mobile Hacking & ForensicsCourse Description
CAST EC-Council CAST EC-CouncilCAST EC-Council
01 Staying updated and abreast of the latest technologies that are being developed and used by the best in the �eld
02
03
04
05
How will this course bene�t you?
Protect your organization by retrieving stolen data and incriminating evidence from communications devices used by rogue employees
In�uence results of civil, private litigation and criminal cases by providing crucial evidence such as the suspects involved, their locations at the time of question and the role they played by extracting this information from mobile devices
Re�ne current mobile forensic processes by addressing its unique problems of preserving crucial data and producing valid results
Protecting your organization by conducting proper & regular IT Audit investigations on mobile devices to ensure no misuse of company information
CAST EC-Council CAST EC-CouncilCAST EC-Council
• RiskAssessmentProfessionals
• DigitalForensicsInvestigators
• InformationSecurityProfessionals
• MobileDevelopers
• PenetrationTesters-CEHProfessionals
• LawEnforcementOfficersandGovernmentAgencies
• Attorneys,ParalegalsandFirstResponders
• AccountantsandFinancialPersonnel
• Anyonewhodealswithimplementation,testing,security
hardeningofmobiledevices
Information security professional
Who Should Attend
CAST EC-Council
Pre-requisites
- Students should have an understanding of Fundamental principles and process for digital forensics
- Knowledge includes evidence acquisitions, examination analysis and �nal reporting
- A minimum of 6 months Digital Forensics experience is recommended
Recommended Certi�cationsBefore attending this course, it’s recommended that students have:
- CHFI certi�cation or equivalent knowledge.
- A+ certi�cation or equivalent knowledge.
- Network+ certi�cation or equivalent knowledge.
CAST EC-Council CAST EC-CouncilCAST EC-Council
Course Outline
• HistoryofDigitalForensics
• GlobalLegalSystem-Challenges
• TechnicalAspectsofMobileForensics
(Whatarethechallenges)
• Trace,Seizeandinvestigate–Cyber
CrimeCaseScenarios
• Criminal/CivilIncidents
• CyberFraud
• Insider/UnknownThreats
• Recommendedreading
Lab 1: Scenario Case Investigation
Lab 2: Evidence Analysis
• CreatinganewcaseusingFTKandimportcaseevidence
• StandardEvidencestorageacquisitionofaharddisk
• UsingFTKandCaineLiveCDforcaseevidenceanalysisandevidencepriority
• ExploringthedifferenceofPhysicalvs.LogicalEvidenceAcquisition
After completing this module, students will be familiar with:
01. Mobile Hacking and Digital Forensic Challenges
Thismodulewillcoverabroadrefresherofthefundamentalprinciplesandmethodologiesusedforlegalforensicsinvestigations
CAST EC-Council CAST EC-CouncilCAST EC-Council
02. Mobile Hardware Design for iPhone, BlackBerry, Android and other devices
Thismodulewillfocusonthehardwaredesignspecificationsofthepopularmobiledevices
Lab: UnderthehoodofaniPhone
• ForensicsMethodology
• Whyweneedin-depthknowledgeofthedesigns
• iDeviceteardownschematics(Ipad,IphoneandIpad)
• Androidteardownschematics(HTCandSamsung)
• BlackberryBoldteardown
• Standarddesignsofothermobiledevices
• MobileHardwareToolKits
• Divingdeepintothehardwareaspectsofmobiledevices
• Appreciatingthedifferentmethods,techniquesandtoolsinvolved
After completing this module, students will be familiar with:
CAST EC-Council CAST EC-CouncilCAST EC-Council
03. Mobile Software design and the common boot process for Smart Devices
After completing this module, students will be familiar with: After completing this module, students
will be familiar with:
04. Mobile Device Storage and Evidence Acquisition Techniques
• FundamentalOpenSourceSoftware
• Whyspecialize?AndLatestNews
• MobileOSXArchitecture
• CoreDefinitions
• UIFrameworkIOS
• OSXBootOverview
• iPhoneDFU–RecoveryModes
• AndroidBootProcess
• IOSKernelDesign
• Jail-breaking/Rooting,REALLY?why,whatandhow
• UnderstandingAppleandAndroidArchitecture
• AppreciatingUIFrameworksandIOSKernelDesign
• Jail-breakingandrootingIOSandAndroid
• Usingmanualopen-sourceevidenceacquisitionmethods
• Bypassingpasscodeprotection
• TheimportanceofHEXeditors
• Primaryunixcommandsandtechniquesused
Thismoduleexplainshowmobilesboot,andusearchitecturaldesigncomponents.ItalsodescribeshowdataisstoredandaccessedfortheIOSsystem
Thismoduleexplainshowuserdataisstoredandhowtodealwithdeleteduserevidence.Italsodescribesthearrayoftechniquesthatofferthegreatestsuccessforevidenceacquisition
• AnalysisOpenSourceToolandSDKSoftwarekitsforAppleandAndroid
• EvidenceAcquisition
• SmartPhoneCharacteristics
• SlackSpace–HiddenData
• MBR–EFIBasicStorageDesigns
• Partitionsanddevicespecifics
• PasscodeProtection–EncryptedBackups
Lab: Jail-breakingandRootingLab 1: BinaryReality
Lab 2: AccessingEvidence
CAST EC-Council CAST EC-CouncilCAST EC-Council
• HowMobileDevicesgetHacked
• DebuggersandDecompiles
• ReverseEngineering
• IPAandAPKPackages
• iPhoneAppStoreSpecifics
Lab 1: HackingToolsandAnalysis
Lab 2: BuildingourEnvironment
ThismoduleexplainsthegenreandadvancedMobileAttacks
After completing this module, students will be familiar with:
• AnalyzingRealThreats
• Usingopensourcetoolsandtechniques
05. Advanced Mobile Attack Analysis
CAST EC-Council CAST EC-CouncilCAST EC-Council
• Hackingcankillyou
• ThreatPredictions2011/2012
• MobileHackingTechniques
• IOSPlatformWeaknesses
• AndroidPlatformWeaknesses
• BlackberryPlatformWeaknesses
06. Mobile Device Hacking Techniques and Tools
Thismoduleexplainshowtoanalyzeevidenceandproducedetailedevidencereports.Italsodescribeshowtechnicalsavvypeoplecanobscureevidencetonegateordestroytheevidence
Lab 1: PopularSoftwareforAnalysis
After completing this module, students will be familiar with:
• UnderstandingHackingTechniquesandTools.
• LaunchingSpearPhishingAttacks.
• PlantingHiddenPayloads
CAST EC-Council CAST EC-CouncilCAST EC-Council
After completing this module, students will be familiar with:
• Usingopensourcetoolsandtechniques
• Usingcommercialpackages
• CriticalaspectsrelatedtoChainofCustody,documentation
• andprotectionofevidencetechniques
07. Penetration Testing and Exploitation Vectors
08. Mobile Forensic Hardware and Software Field Kits
• InformationGathering
• ManualExploitation
• ExploitFrameworks
• CrackingPasswords
• DIYToolkitOptionsandcosts
• CommercialComparisons
• Prosandconsofopensource
• FieldKitReviewandbestpractices
ThismoduleexplainsthePenetrationTestingtrainingLifeCycle.ItalsodescribesthetoolsandtechniqueswecanuseforexploitationVectors
ThismoduleexplainsForensicsHardwareOptions.ItalsodescribeshowwecanbuildourportableForensicsfieldkits
Lab 1: PenTest101Lab 2: PenTestModel-BlueToothHacking
Lab 1: TagandBag
Lab 2: BuildingourForensicStationandToolkit
Note: This module is designed to be 100% hands-on covering the penetration testing methodology by utilizing BackTrack v5r1
CAST EC-Council CAST EC-CouncilCAST EC-Council
• Disclaimer/Legal
• Introductiontosoftwarepackages
• ForensicsReports
• BestEvidenceRule
• EvidenceReportDocumentation
09. Forensic Software, Evidence Analysis and Reporting
Thismoduleexplainshowtowrap-upthecasebycompilingthereportandfocusesonpresentingthetechnicalresultsinLaymenterms
Lab 1: CreatingtheReport
After completing this module, students will be familiar with:
• CategorizingEvidence
• EvidenceTampering
• Thevarioussoftwareused
CAST EC-Council CAST EC-CouncilCAST EC-Council
TRAINERS PROFILE:
Wayne Burke
WayneBurkehashadconsiderablehands-onITSecurityexperienceconsultingorlecturing,whetheritwasforGovernmentAgencies,HealthcareInstitutions,Financialandinternationalcompanies.
Hisexperienceinthepublic/defensesectorsisequallycomplementedbyassignmentsundertakenforheavyweightworldrenownedcorporationsincludingYahoo,Xerox,AT&TandTexasInstrumentsto
namebutafew.HeisimminentlyqualifiedinhisfieldinthatheholdsastringofprofessionalqualificationsinNetworkingtonameafew(MCT,
MCSE,Cisco,Network+)andITSecurity(CIW-SA,Security+,CEH,ECSA,LPT,CHFI)besidesabachelor’sdegreeinscience.
WayneiscurrentlytheCSOforSequritCSI,responsibleforthetechnicalrealmandsecuritymanagement,whichincludesconsultingteams.Heisacaptainofa
globaloperatinggroupofpenetrationtestersandsecurityexperts.Wayneandhisgrouphavedeliveredsecurityassessments,PenetrationTestassignmentsandcustomizedtrainingforInternationalCorporationsandmanyGovernmentAgenciessuchas:EPA,FAA,DOJ,DOE,DOD+8570:Airforce,Army,Navy,Marines,FBIandStatewideLawEnforcementOfficesintheUSA.
InEurope:NATO,Europol,MOD(MilitaryofDefenseUK)variousEULawEnforcement,DutchMinistryofDefense,MinistryofJustice,localEuropeanLawEnforcement:UK,Ireland,Switzerland,Belgium,Holland,Denmark.
ASIA:SingaporeGov,Philippines’PresidentialOffice,theUndersecretary,andCyberCrimePoliceSpecialistUnit.Jakarta,TaxInvestigationsOffice.VariousMalaysianGovagencies.PlusCorporateandgovernmentbodiesfromAfrica,andnumerousGulflocationstonameafew.Hisofficehasbecomehisnextlonghaulinternationalflight.
Wayne’sconsultingandtrainingundertakingscoverspecializinginPenetrationTesting,Forensics,SecurityExpertAdvisorandsecureinfrastructuredesign.HisexpertiseincludeDMZfirewalls,SecureVPNs,EAP/TLS,PEAP,SSL,PKI,SmartCards,Biometrics,IPSEC,IDS,VulnerabilityScanners,AV,HoneyPots,Audits,filteringpolicies,multi-layerencryptedfilesystems,patchmanagementanddeployments.Headditionallydevelopscustomizedandblendedsecuritycurriculum.
WayneisconstantlyengagedinhelpingbusinessesoptimizetheirsystemssecurityvisionHeisacknowledgedasanexpertconsultantandtrainerservinglargeorganizationswithcuttingedgeITsecurity.Hiswiderangeofallproductexperiencehashelpedtodevelophisoverallsystemssecurityknowledge.Waynehasapassionfortracingmalicioushackersinpursuitofwhichhehashadtograpplewithissues,whichareinextricablyentwinedinmeetingtheeverydaychallengesofinformationsystemssecurity.
CAST EC-Council CAST EC-Council
EC-Council
Top Related