Difference between revisions of "Forensic: IT"
Jump to navigation
Jump to search
Onnowpurbo (talk | contribs) |
Onnowpurbo (talk | contribs) |
||
(26 intermediate revisions by the same user not shown) | |||
Line 4: | Line 4: | ||
* [[Tujuan dan Ruang Lingkup]] | * [[Tujuan dan Ruang Lingkup]] | ||
* [[Hukum dan Etika]] | * [[Hukum dan Etika]] | ||
+ | |||
+ | |||
+ | * [[Definition and Basic Concepts (en)]] | ||
+ | * [[Objectives and Scope (en)]] | ||
+ | * [[Law and Ethics (en)]] | ||
+ | |||
==PERTEMUAN: Proses Akuisisi Data== | ==PERTEMUAN: Proses Akuisisi Data== | ||
Line 11: | Line 17: | ||
* [[Dokumentasi dan Chain of Custody]] | * [[Dokumentasi dan Chain of Custody]] | ||
− | |||
− | * | + | * [[Basic Principles of Acquisition (en)]] |
− | ** | + | * [[Acquisition Techniques (en)]] |
− | + | * [[Documentation and Chain of Custody (en)]] | |
+ | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | + | ==PERTEMUAN: Analisis Data== | |
− | |||
− | |||
− | |||
− | + | * [[Tool dan Perangkat Lunak]] | |
+ | * [[Teknik Analisis]] | ||
+ | * [[Analisis Data Jejak]] | ||
− | |||
− | |||
− | |||
− | |||
− | * | + | * [[Tools and Software (en)]] |
− | * | + | * [[Analysis Techniques (en)]] |
− | * | + | * [[Trace Data Analysis (en)]] |
− | |||
− | |||
− | |||
− | |||
− | ==PERTEMUAN: Investigasi | + | ==PERTEMUAN: Investigasi Sistem Operasi== |
− | * | + | * [[Sistem Operasi Windows]] |
− | * | + | * [[Sistem Operasi Linux]] |
− | * | + | * [[Sistem Operasi Mobile]] |
− | |||
− | |||
− | |||
− | |||
− | |||
− | * | + | * [[Windows Operating System (en)]] |
− | * | + | * [[Linux Operating System (en)]] |
− | * | + | * [[Mobile Operating System (en)]] |
− | |||
− | ==PERTEMUAN: | + | ==PERTEMUAN: Investigasi Jaringan== |
− | * | + | * [[Konsep Dasar Jaringan]] |
− | * | + | * [[Tool dan Teknik]] |
− | * | + | * [[Investigasi Intrusi]] |
− | |||
− | |||
− | |||
− | |||
+ | * [[Basic Network Concepts (en)]] | ||
+ | * [[Tools and Techniques (en)]] | ||
+ | * [[Intrusion Investigation (en)]] | ||
Line 79: | Line 64: | ||
* [[Hands-On: Attack Spoofing SMTP Server & WebMail]] | * [[Hands-On: Attack Spoofing SMTP Server & WebMail]] | ||
* [[Mitigasi eMail attack: GnuPG]] | * [[Mitigasi eMail attack: GnuPG]] | ||
+ | |||
+ | |||
+ | * [[SMTP, POP3, IMAP Protocols (en)]] | ||
+ | * [[Hands-On: Spoofing Attack on SMTP Server & WebMail (en)]] | ||
+ | * [[Mitigating eMail Attacks: GnuPG (en)]] | ||
==PERTEMUAN: Forensic SQL Injection Attack== | ==PERTEMUAN: Forensic SQL Injection Attack== | ||
Line 87: | Line 77: | ||
* [[Mitigasi: SQL Injection]] | * [[Mitigasi: SQL Injection]] | ||
* [[Mitigasi: Snort IPS]] | * [[Mitigasi: Snort IPS]] | ||
+ | |||
+ | |||
+ | * [[SQL Overview (en)]] | ||
+ | * [[MySQL (en)]] | ||
+ | * [[SQL Injection Attack (en)]] | ||
+ | * [[Hands-On: Attack SQL Injection (en)]] | ||
+ | * [[Mitigation: SQL Injection (en)]] | ||
+ | * [[Mitigation: Snort IPS (en)]] | ||
+ | |||
==PERTEMUAN: Forensic Command Injection Attack== | ==PERTEMUAN: Forensic Command Injection Attack== | ||
Line 94: | Line 93: | ||
* [[Forensic Command Injection Attack]] | * [[Forensic Command Injection Attack]] | ||
* [[Mitigasi Command Injection Attack]] | * [[Mitigasi Command Injection Attack]] | ||
+ | |||
+ | |||
+ | * [[Command Line on a Linux Server (en)]] | ||
+ | * [[Hands-on Command Injection Attack (en)]] | ||
+ | * [[Forensic Command Injection Attack (en)]] | ||
+ | * [[Mitigation of Command Injection Attack (en)]] | ||
+ | |||
==PERTEMUAN: Forensic Backdoor via Command Injection Attack== | ==PERTEMUAN: Forensic Backdoor via Command Injection Attack== | ||
Line 101: | Line 107: | ||
* [[Hands-on mkfifo attack backdoor di DVWA via Command Injection]] | * [[Hands-on mkfifo attack backdoor di DVWA via Command Injection]] | ||
* [[Forensic backdoor di Ubuntu]] | * [[Forensic backdoor di Ubuntu]] | ||
+ | * [[Grep: Scanning Backdoor]] | ||
* [[Mitigasi backdoor di Ubuntu]] | * [[Mitigasi backdoor di Ubuntu]] | ||
+ | |||
+ | |||
+ | * [[TCP port communication via nc (en)]] | ||
+ | * [[mkfifo: how it works (en)]] | ||
+ | * [[Hands-on mkfifo attack backdoor in DVWA via Command Injection (en)]] | ||
+ | * [[Forensic backdoor in Ubuntu (en)]] | ||
+ | * [[Grep: Scanning for backdoor (en)]] | ||
+ | * [[Mitigation of backdoor in Ubuntu (en)]] | ||
==PERTEMUAN: Forensic File System Linux== | ==PERTEMUAN: Forensic File System Linux== | ||
Line 108: | Line 123: | ||
* [[Hands-on File Forensic menggunakan dd, ntfsundelete, ext3undelete, dan extundelete]] | * [[Hands-on File Forensic menggunakan dd, ntfsundelete, ext3undelete, dan extundelete]] | ||
* [[Mitigasi agar file dan file system aman]] | * [[Mitigasi agar file dan file system aman]] | ||
+ | |||
+ | |||
+ | * [[Overview of dd, ntfsundelete, ext3undelete, and extundelete (en)]] | ||
+ | * [[Hands-on File Forensics using dd, ntfsundelete, ext3undelete, and extundelete (en)]] | ||
+ | * [[Mitigation to secure files and file systems (en)]] | ||
Line 117: | Line 137: | ||
* [[Hands-on Forensic Android menggunakan ADB]] | * [[Hands-on Forensic Android menggunakan ADB]] | ||
* [[Hands-on Forensic Android menggunakan ADB untuk analisa SMS, panggilan, kontak, Whatsapp, Data Lokasi]] | * [[Hands-on Forensic Android menggunakan ADB untuk analisa SMS, panggilan, kontak, Whatsapp, Data Lokasi]] | ||
+ | |||
+ | |||
+ | * [[Characteristics of Mobile Devices: Mobile Operating Systems, Third-Party Applications, Cloud Storage (en)]] | ||
+ | * [[Acquisition Techniques: Physical Extraction vs. Logical Extraction (en)]] | ||
+ | * [[Android Rooting Techniques if Necessary (en)]] | ||
+ | * [[Hands-on Android Forensics using ADB (en)]] | ||
+ | * [[Hands-on Android Forensics using ADB for analyzing SMS, calls, contacts, WhatsApp, Location Data (en)]] | ||
+ | |||
==PERTEMUAN: Misc Attack & Forensic== | ==PERTEMUAN: Misc Attack & Forensic== | ||
− | + | ||
− | + | * [[Berbagai latihan serangan dan forensic pada Metasploitable]] | |
− | + | * [[Forensic: nmap smb-enum-users.nse attack]] | |
− | + | * [[Forensic: nmap mysql-brute.nse attack]] | |
− | + | * [[Forensic: nmap ssh2-enum-algos attack]] | |
− | + | * [[Forensic: msfconsole use auxiliary/scanner/smb/smb_login attack]] | |
− | + | * [[Forensic: msfconsole use auxiliary/scanner/smb/smb_enumshares attack]] | |
− | + | * [[Forensic: msfvenom attack]] | |
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
+ | |||
+ | * [[Example of attackes dan forensic using Metasploitable (en)]] | ||
+ | * [[Forensic: nmap smb-enum-users.nse attack (en)]] | ||
+ | * [[Forensic: nmap mysql-brute.nse attack (en)]] | ||
+ | * [[Forensic: nmap ssh2-enum-algos attack (en)]] | ||
+ | * [[Forensic: msfconsole use auxiliary/scanner/smb/smb_login attack (en)]] | ||
+ | * [[Forensic: msfconsole use auxiliary/scanner/smb/smb_enumshares attack (en)]] | ||
+ | * [[Forenisc: msfvenom attack (en) ]] | ||
==PERTEMUAN: Laporan Forensic== | ==PERTEMUAN: Laporan Forensic== | ||
+ | |||
+ | * [[Laporan Forensic: Outline]] | ||
+ | * [[Laporan Forensic: Prosedur Pemeriksaan]] | ||
+ | * [[Laporan Forensic: Hasil Temuan]] | ||
+ | |||
+ | |||
+ | * [[Forensic Report: Outline (en)]] | ||
+ | * [[Forensic Report: Examination Procedures (en)]] | ||
+ | * [[Forensic Report: Findings (en)]] |
Latest revision as of 09:14, 29 October 2024
PERTEMUAN: Pengenalan IT Forensik
PERTEMUAN: Proses Akuisisi Data
- Basic Principles of Acquisition (en)
- Acquisition Techniques (en)
- Documentation and Chain of Custody (en)
PERTEMUAN: Analisis Data
PERTEMUAN: Investigasi Sistem Operasi
PERTEMUAN: Investigasi Jaringan
PERTEMUAN: Forensic eMail
- Protocol SMTP POP3 IMAP
- Hands-On: Attack Spoofing SMTP Server & WebMail
- Mitigasi eMail attack: GnuPG
- SMTP, POP3, IMAP Protocols (en)
- Hands-On: Spoofing Attack on SMTP Server & WebMail (en)
- Mitigating eMail Attacks: GnuPG (en)
PERTEMUAN: Forensic SQL Injection Attack
- SQL Overview
- MySQL
- SQL Injection Attack
- Hands-On: Attack SQL Injection
- Mitigasi: SQL Injection
- Mitigasi: Snort IPS
- SQL Overview (en)
- MySQL (en)
- SQL Injection Attack (en)
- Hands-On: Attack SQL Injection (en)
- Mitigation: SQL Injection (en)
- Mitigation: Snort IPS (en)
PERTEMUAN: Forensic Command Injection Attack
- Command Line di Server Linux
- Hands-on Command Injection Attack
- Forensic Command Injection Attack
- Mitigasi Command Injection Attack
- Command Line on a Linux Server (en)
- Hands-on Command Injection Attack (en)
- Forensic Command Injection Attack (en)
- Mitigation of Command Injection Attack (en)
PERTEMUAN: Forensic Backdoor via Command Injection Attack
- TCP port communication via nc
- mkfifo: cara kerja
- Hands-on mkfifo attack backdoor di DVWA via Command Injection
- Forensic backdoor di Ubuntu
- Grep: Scanning Backdoor
- Mitigasi backdoor di Ubuntu
- TCP port communication via nc (en)
- mkfifo: how it works (en)
- Hands-on mkfifo attack backdoor in DVWA via Command Injection (en)
- Forensic backdoor in Ubuntu (en)
- Grep: Scanning for backdoor (en)
- Mitigation of backdoor in Ubuntu (en)
PERTEMUAN: Forensic File System Linux
- Overview tentang dd, ntfsundelete, ext3undelete dan extundelete
- Hands-on File Forensic menggunakan dd, ntfsundelete, ext3undelete, dan extundelete
- Mitigasi agar file dan file system aman
- Overview of dd, ntfsundelete, ext3undelete, and extundelete (en)
- Hands-on File Forensics using dd, ntfsundelete, ext3undelete, and extundelete (en)
- Mitigation to secure files and file systems (en)
PERTEMUAN: Investigasi Perangkat Mobile
- Karakteristik Perangkat Mobile: Sistem operasi mobile, Aplikasi pihak ketiga, Cloud storage
- Teknik Akuisisi Physical extraction vs. Logical extraction
- Teknik Rooting Android jika diperlukan
- Hands-on Forensic Android menggunakan ADB
- Hands-on Forensic Android menggunakan ADB untuk analisa SMS, panggilan, kontak, Whatsapp, Data Lokasi
- Characteristics of Mobile Devices: Mobile Operating Systems, Third-Party Applications, Cloud Storage (en)
- Acquisition Techniques: Physical Extraction vs. Logical Extraction (en)
- Android Rooting Techniques if Necessary (en)
- Hands-on Android Forensics using ADB (en)
- Hands-on Android Forensics using ADB for analyzing SMS, calls, contacts, WhatsApp, Location Data (en)
PERTEMUAN: Misc Attack & Forensic
- Berbagai latihan serangan dan forensic pada Metasploitable
- Forensic: nmap smb-enum-users.nse attack
- Forensic: nmap mysql-brute.nse attack
- Forensic: nmap ssh2-enum-algos attack
- Forensic: msfconsole use auxiliary/scanner/smb/smb_login attack
- Forensic: msfconsole use auxiliary/scanner/smb/smb_enumshares attack
- Forensic: msfvenom attack
- Example of attackes dan forensic using Metasploitable (en)
- Forensic: nmap smb-enum-users.nse attack (en)
- Forensic: nmap mysql-brute.nse attack (en)
- Forensic: nmap ssh2-enum-algos attack (en)
- Forensic: msfconsole use auxiliary/scanner/smb/smb_login attack (en)
- Forensic: msfconsole use auxiliary/scanner/smb/smb_enumshares attack (en)
- Forenisc: msfvenom attack (en)
PERTEMUAN: Laporan Forensic