Difference between revisions of "Forensic: IT"
Jump to navigation
Jump to search
Onnowpurbo (talk | contribs) |
Onnowpurbo (talk | contribs) |
||
(61 intermediate revisions by the same user not shown) | |||
Line 1: | Line 1: | ||
==PERTEMUAN: Pengenalan IT Forensik== | ==PERTEMUAN: Pengenalan IT Forensik== | ||
− | * Definisi dan Konsep Dasar | + | * [[Definisi dan Konsep Dasar]] |
− | * | + | * [[Tujuan dan Ruang Lingkup]] |
− | * | + | * [[Hukum dan Etika]] |
− | |||
− | |||
− | |||
− | |||
− | |||
− | * | + | * [[Definition and Basic Concepts (en)]] |
− | ** | + | * [[Objectives and Scope (en)]] |
− | + | * [[Law and Ethics (en)]] | |
+ | |||
==PERTEMUAN: Proses Akuisisi Data== | ==PERTEMUAN: Proses Akuisisi Data== | ||
− | * Prinsip Dasar Akuisisi | + | * [[Prinsip Dasar Akuisisi]] |
− | * | + | * [[Teknik Akuisisi]] |
− | + | * [[Dokumentasi dan Chain of Custody]] | |
− | * | ||
− | |||
− | |||
− | |||
− | |||
− | * | + | * [[Basic Principles of Acquisition (en)]] |
− | * | + | * [[Acquisition Techniques (en)]] |
− | * | + | * [[Documentation and Chain of Custody (en)]] |
− | |||
− | |||
− | |||
− | |||
− | |||
− | + | ==PERTEMUAN: Analisis Data== | |
− | |||
− | |||
− | |||
− | |||
− | * | + | * [[Tool dan Perangkat Lunak]] |
− | * | + | * [[Teknik Analisis]] |
− | * | + | * [[Analisis Data Jejak]] |
− | |||
− | |||
− | * | + | * [[Tools and Software (en)]] |
− | * | + | * [[Analysis Techniques (en)]] |
− | * | + | * [[Trace Data Analysis (en)]] |
− | |||
− | |||
− | |||
− | |||
− | |||
− | + | ==PERTEMUAN: Investigasi Sistem Operasi== | |
− | |||
− | |||
− | + | * [[Sistem Operasi Windows]] | |
+ | * [[Sistem Operasi Linux]] | ||
+ | * [[Sistem Operasi Mobile]] | ||
− | |||
− | |||
− | |||
− | |||
− | * | + | * [[Windows Operating System (en)]] |
− | * | + | * [[Linux Operating System (en)]] |
− | * | + | * [[Mobile Operating System (en)]] |
− | |||
− | |||
− | |||
− | |||
− | |||
− | ==PERTEMUAN: Investigasi | + | ==PERTEMUAN: Investigasi Jaringan== |
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | * | + | * [[Konsep Dasar Jaringan]] |
− | * | + | * [[Tool dan Teknik]] |
− | * | + | * [[Investigasi Intrusi]] |
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
+ | * [[Basic Network Concepts (en)]] | ||
+ | * [[Tools and Techniques (en)]] | ||
+ | * [[Intrusion Investigation (en)]] | ||
==PERTEMUAN: Forensic eMail== | ==PERTEMUAN: Forensic eMail== | ||
− | + | * [[Protocol SMTP POP3 IMAP]] | |
− | + | * [[Hands-On: Attack Spoofing SMTP Server & WebMail]] | |
− | + | * [[Mitigasi eMail attack: GnuPG]] | |
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
+ | * [[SMTP, POP3, IMAP Protocols (en)]] | ||
+ | * [[Hands-On: Spoofing Attack on SMTP Server & WebMail (en)]] | ||
+ | * [[Mitigating eMail Attacks: GnuPG (en)]] | ||
==PERTEMUAN: Forensic SQL Injection Attack== | ==PERTEMUAN: Forensic SQL Injection Attack== | ||
− | + | * [[SQL Overview]] | |
− | + | * [[MySQL]] | |
− | + | * [[SQL Injection Attack]] | |
− | + | * [[Hands-On: Attack SQL Injection]] | |
− | + | * [[Mitigasi: SQL Injection]] | |
− | + | * [[Mitigasi: Snort IPS]] | |
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
+ | |||
+ | * [[SQL Overview (en)]] | ||
+ | * [[MySQL (en)]] | ||
+ | * [[SQL Injection Attack (en)]] | ||
+ | * [[Hands-On: Attack SQL Injection (en)]] | ||
+ | * [[Mitigation: SQL Injection (en)]] | ||
+ | * [[Mitigation: Snort IPS (en)]] | ||
==PERTEMUAN: Forensic Command Injection Attack== | ==PERTEMUAN: Forensic Command Injection Attack== | ||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
+ | * [[Command Line di Server Linux]] | ||
+ | * [[Hands-on Command Injection Attack]] | ||
+ | * [[Forensic Command Injection Attack]] | ||
+ | * [[Mitigasi Command Injection Attack]] | ||
− | + | * [[Command Line on a Linux Server (en)]] | |
− | + | * [[Hands-on Command Injection Attack (en)]] | |
− | + | * [[Forensic Command Injection Attack (en)]] | |
− | + | * [[Mitigation of Command Injection Attack (en)]] | |
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
+ | ==PERTEMUAN: Forensic Backdoor via Command Injection Attack== | ||
− | + | * [[TCP port communication via nc]] | |
− | + | * [[mkfifo: cara kerja]] | |
− | + | * [[Hands-on mkfifo attack backdoor di DVWA via Command Injection]] | |
− | + | * [[Forensic backdoor di Ubuntu]] | |
− | + | * [[Grep: Scanning Backdoor]] | |
− | + | * [[Mitigasi backdoor di Ubuntu]] | |
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | + | * [[TCP port communication via nc (en)]] | |
− | + | * [[mkfifo: how it works (en)]] | |
− | + | * [[Hands-on mkfifo attack backdoor in DVWA via Command Injection (en)]] | |
− | + | * [[Forensic backdoor in Ubuntu (en)]] | |
− | + | * [[Grep: Scanning for backdoor (en)]] | |
− | + | * [[Mitigation of backdoor in Ubuntu (en)]] | |
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
+ | ==PERTEMUAN: Forensic File System Linux== | ||
− | + | * [[Overview tentang dd, ntfsundelete, ext3undelete dan extundelete]] | |
− | + | * [[Hands-on File Forensic menggunakan dd, ntfsundelete, ext3undelete, dan extundelete]] | |
− | + | * [[Mitigasi agar file dan file system aman]] | |
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
+ | * [[Overview of dd, ntfsundelete, ext3undelete, and extundelete (en)]] | ||
+ | * [[Hands-on File Forensics using dd, ntfsundelete, ext3undelete, and extundelete (en)]] | ||
+ | * [[Mitigation to secure files and file systems (en)]] | ||
− | |||
− | |||
− | + | ==PERTEMUAN: Investigasi Perangkat Mobile== | |
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
+ | * [[Karakteristik Perangkat Mobile: Sistem operasi mobile, Aplikasi pihak ketiga, Cloud storage]] | ||
+ | * [[Teknik Akuisisi Physical extraction vs. Logical extraction]] | ||
+ | * [[Teknik Rooting Android jika diperlukan]] | ||
+ | * [[Hands-on Forensic Android menggunakan ADB]] | ||
+ | * [[Hands-on Forensic Android menggunakan ADB untuk analisa SMS, panggilan, kontak, Whatsapp, Data Lokasi]] | ||
+ | * [[Characteristics of Mobile Devices: Mobile Operating Systems, Third-Party Applications, Cloud Storage (en)]] | ||
+ | * [[Acquisition Techniques: Physical Extraction vs. Logical Extraction (en)]] | ||
+ | * [[Android Rooting Techniques if Necessary (en)]] | ||
+ | * [[Hands-on Android Forensics using ADB (en)]] | ||
+ | * [[Hands-on Android Forensics using ADB for analyzing SMS, calls, contacts, WhatsApp, Location Data (en)]] | ||
+ | ==PERTEMUAN: Misc Attack & Forensic== | ||
+ | * [[Berbagai latihan serangan dan forensic pada Metasploitable]] | ||
+ | * [[Forensic: nmap smb-enum-users.nse attack]] | ||
+ | * [[Forensic: nmap mysql-brute.nse attack]] | ||
+ | * [[Forensic: nmap ssh2-enum-algos attack]] | ||
+ | * [[Forensic: msfconsole use auxiliary/scanner/smb/smb_login attack]] | ||
+ | * [[Forensic: msfconsole use auxiliary/scanner/smb/smb_enumshares attack]] | ||
+ | * [[Forensic: msfvenom attack]] | ||
− | |||
− | * | + | * [[Example of attackes dan forensic using Metasploitable (en)]] |
− | * | + | * [[Forensic: nmap smb-enum-users.nse attack (en)]] |
− | * | + | * [[Forensic: nmap mysql-brute.nse attack (en)]] |
+ | * [[Forensic: nmap ssh2-enum-algos attack (en)]] | ||
+ | * [[Forensic: msfconsole use auxiliary/scanner/smb/smb_login attack (en)]] | ||
+ | * [[Forensic: msfconsole use auxiliary/scanner/smb/smb_enumshares attack (en)]] | ||
+ | * [[Forenisc: msfvenom attack (en) ]] | ||
− | + | ==PERTEMUAN: Laporan Forensic== | |
− | * | + | * [[Laporan Forensic: Outline]] |
− | * | + | * [[Laporan Forensic: Prosedur Pemeriksaan]] |
− | * | + | * [[Laporan Forensic: Hasil Temuan]] |
− | |||
− | * | + | * [[Forensic Report: Outline (en)]] |
− | * | + | * [[Forensic Report: Examination Procedures (en)]] |
− | * | + | * [[Forensic Report: Findings (en)]] |
− |
Latest revision as of 09:14, 29 October 2024
PERTEMUAN: Pengenalan IT Forensik
PERTEMUAN: Proses Akuisisi Data
- Basic Principles of Acquisition (en)
- Acquisition Techniques (en)
- Documentation and Chain of Custody (en)
PERTEMUAN: Analisis Data
PERTEMUAN: Investigasi Sistem Operasi
PERTEMUAN: Investigasi Jaringan
PERTEMUAN: Forensic eMail
- Protocol SMTP POP3 IMAP
- Hands-On: Attack Spoofing SMTP Server & WebMail
- Mitigasi eMail attack: GnuPG
- SMTP, POP3, IMAP Protocols (en)
- Hands-On: Spoofing Attack on SMTP Server & WebMail (en)
- Mitigating eMail Attacks: GnuPG (en)
PERTEMUAN: Forensic SQL Injection Attack
- SQL Overview
- MySQL
- SQL Injection Attack
- Hands-On: Attack SQL Injection
- Mitigasi: SQL Injection
- Mitigasi: Snort IPS
- SQL Overview (en)
- MySQL (en)
- SQL Injection Attack (en)
- Hands-On: Attack SQL Injection (en)
- Mitigation: SQL Injection (en)
- Mitigation: Snort IPS (en)
PERTEMUAN: Forensic Command Injection Attack
- Command Line di Server Linux
- Hands-on Command Injection Attack
- Forensic Command Injection Attack
- Mitigasi Command Injection Attack
- Command Line on a Linux Server (en)
- Hands-on Command Injection Attack (en)
- Forensic Command Injection Attack (en)
- Mitigation of Command Injection Attack (en)
PERTEMUAN: Forensic Backdoor via Command Injection Attack
- TCP port communication via nc
- mkfifo: cara kerja
- Hands-on mkfifo attack backdoor di DVWA via Command Injection
- Forensic backdoor di Ubuntu
- Grep: Scanning Backdoor
- Mitigasi backdoor di Ubuntu
- TCP port communication via nc (en)
- mkfifo: how it works (en)
- Hands-on mkfifo attack backdoor in DVWA via Command Injection (en)
- Forensic backdoor in Ubuntu (en)
- Grep: Scanning for backdoor (en)
- Mitigation of backdoor in Ubuntu (en)
PERTEMUAN: Forensic File System Linux
- Overview tentang dd, ntfsundelete, ext3undelete dan extundelete
- Hands-on File Forensic menggunakan dd, ntfsundelete, ext3undelete, dan extundelete
- Mitigasi agar file dan file system aman
- Overview of dd, ntfsundelete, ext3undelete, and extundelete (en)
- Hands-on File Forensics using dd, ntfsundelete, ext3undelete, and extundelete (en)
- Mitigation to secure files and file systems (en)
PERTEMUAN: Investigasi Perangkat Mobile
- Karakteristik Perangkat Mobile: Sistem operasi mobile, Aplikasi pihak ketiga, Cloud storage
- Teknik Akuisisi Physical extraction vs. Logical extraction
- Teknik Rooting Android jika diperlukan
- Hands-on Forensic Android menggunakan ADB
- Hands-on Forensic Android menggunakan ADB untuk analisa SMS, panggilan, kontak, Whatsapp, Data Lokasi
- Characteristics of Mobile Devices: Mobile Operating Systems, Third-Party Applications, Cloud Storage (en)
- Acquisition Techniques: Physical Extraction vs. Logical Extraction (en)
- Android Rooting Techniques if Necessary (en)
- Hands-on Android Forensics using ADB (en)
- Hands-on Android Forensics using ADB for analyzing SMS, calls, contacts, WhatsApp, Location Data (en)
PERTEMUAN: Misc Attack & Forensic
- Berbagai latihan serangan dan forensic pada Metasploitable
- Forensic: nmap smb-enum-users.nse attack
- Forensic: nmap mysql-brute.nse attack
- Forensic: nmap ssh2-enum-algos attack
- Forensic: msfconsole use auxiliary/scanner/smb/smb_login attack
- Forensic: msfconsole use auxiliary/scanner/smb/smb_enumshares attack
- Forensic: msfvenom attack
- Example of attackes dan forensic using Metasploitable (en)
- Forensic: nmap smb-enum-users.nse attack (en)
- Forensic: nmap mysql-brute.nse attack (en)
- Forensic: nmap ssh2-enum-algos attack (en)
- Forensic: msfconsole use auxiliary/scanner/smb/smb_login attack (en)
- Forensic: msfconsole use auxiliary/scanner/smb/smb_enumshares attack (en)
- Forenisc: msfvenom attack (en)
PERTEMUAN: Laporan Forensic