Difference between revisions of "Forensic: IT"

@@ Line 4: / Line 4: @@
 * [[Tujuan dan Ruang Lingkup]]
 * [[Hukum dan Etika]]
+* [[Definition and Basic Concepts (en)]]
+* [[Objectives and Scope (en)]]
+* [[Law and Ethics (en)]]
 ==PERTEMUAN: Proses Akuisisi Data==
@@ Line 10: / Line 16: @@
 * [[Teknik Akuisisi]]
 * [[Dokumentasi dan Chain of Custody]]
+* [[Basic Principles of Acquisition (en)]]
+* [[Acquisition Techniques (en)]]
+* [[Documentation and Chain of Custody (en)]]
 ==PERTEMUAN: Analisis Data==
@@ Line 16: / Line 29: @@
 * [[Teknik Analisis]]
 * [[Analisis Data Jejak]]
+* [[Tools and Software (en)]]
+* [[Analysis Techniques (en)]]
+* [[Trace Data Analysis (en)]]
 ==PERTEMUAN: Investigasi Sistem Operasi==
@@ Line 22: / Line 41: @@
 * [[Sistem Operasi Linux]]
 * [[Sistem Operasi Mobile]]
+* [[Windows Operating System (en)]]
+* [[Linux Operating System (en)]]
+* [[Mobile Operating System (en)]]
 ==PERTEMUAN: Investigasi Jaringan==
@@ Line 28: / Line 53: @@
 * [[Tool dan Teknik]]
 * [[Investigasi Intrusi]]
+* [[Basic Network Concepts (en)]]
+* [[Tools and Techniques (en)]]
+* [[Intrusion Investigation (en)]]
 ==PERTEMUAN: Forensic eMail==
@@ Line 33: / Line 64: @@
 * [[Hands-On: Attack Spoofing SMTP Server & WebMail]]
 * [[Mitigasi eMail attack: GnuPG]]
+* [[SMTP, POP3, IMAP Protocols (en)]]
+* [[Hands-On: Spoofing Attack on SMTP Server & WebMail (en)]]
+* [[Mitigating eMail Attacks: GnuPG (en)]]
 ==PERTEMUAN: Forensic SQL Injection Attack==
@@ Line 41: / Line 77: @@
 * [[Mitigasi: SQL Injection]]
 * [[Mitigasi: Snort IPS]]
+* [[SQL Overview (en)]]
+* [[MySQL (en)]]
+* [[SQL Injection Attack (en)]]
+* [[Hands-On: Attack SQL Injection (en)]]
+* [[Mitigation: SQL Injection (en)]]
+* [[Mitigation: Snort IPS (en)]]
 ==PERTEMUAN: Forensic Command Injection Attack==
@@ Line 48: / Line 93: @@
 * [[Forensic Command Injection Attack]]
 * [[Mitigasi Command Injection Attack]]
+* [[Command Line on a Linux Server (en)]]
+* [[Hands-on Command Injection Attack (en)]]
+* [[Forensic Command Injection Attack (en)]]
+* [[Mitigation of Command Injection Attack (en)]]
 ==PERTEMUAN: Forensic Backdoor via Command Injection Attack==
@@ Line 55: / Line 107: @@
 * [[Hands-on mkfifo attack backdoor di DVWA via Command Injection]]
 * [[Forensic backdoor di Ubuntu]]
+* [[Grep: Scanning Backdoor]]
 * [[Mitigasi backdoor di Ubuntu]]
+* [[TCP port communication via nc (en)]]
+* [[mkfifo: how it works (en)]]
+* [[Hands-on mkfifo attack backdoor in DVWA via Command Injection (en)]]
+* [[Forensic backdoor in Ubuntu (en)]]
+* [[Grep: Scanning for backdoor (en)]]
+* [[Mitigation of backdoor in Ubuntu (en)]]
 ==PERTEMUAN: Forensic File System Linux==
@@ Line 62: / Line 123: @@
 * [[Hands-on File Forensic menggunakan dd, ntfsundelete, ext3undelete, dan extundelete]]
 * [[Mitigasi agar file dan file system aman]]
+* [[Overview of dd, ntfsundelete, ext3undelete, and extundelete (en)]]
+* [[Hands-on File Forensics using dd, ntfsundelete, ext3undelete, and extundelete (en)]]
+* [[Mitigation to secure files and file systems (en)]]
@@ Line 71: / Line 137: @@
 * [[Hands-on Forensic Android menggunakan ADB]]
 * [[Hands-on Forensic Android menggunakan ADB untuk analisa SMS, panggilan, kontak, Whatsapp, Data Lokasi]]
+* [[Characteristics of Mobile Devices: Mobile Operating Systems, Third-Party Applications, Cloud Storage (en)]]
+* [[Acquisition Techniques: Physical Extraction vs. Logical Extraction (en)]]
+* [[Android Rooting Techniques if Necessary (en)]]
+* [[Hands-on Android Forensics using ADB (en)]]
+* [[Hands-on Android Forensics using ADB for analyzing SMS, calls, contacts, WhatsApp, Location Data (en)]]
 ==PERTEMUAN: Misc Attack & Forensic==
-	TEORI:	Penggunaan Metasploitable
-		Penggunaan SQLMap untuk SQL Injection
-		Penggunaan nmap untuk payload attack
-		Log yang relevan dengan payload attack
-	DEMO:	Misc. Attack & Forensic
-	FORENSIC:
-		nmap --script smb-enum-users.nse -p445 <host>
-		sudo nmap -sU -sS --script smb-enum-users.nse -p U:137,T:139 <host>
-		nmap --script=mysql-brute <target>
-		Nmap  -sT -p3306 --script mysql-brute.nse --script-args userdb=/root/user.txt --script-trace  192.168.0.100
-		Nmap  -sT -p3306 --script mysql-brute.nse --script-args userdb=/root/user.txt,passdb=/root/pass.txt --script-trace 192.168.0.100
-		msfconsole use auxiliary/scanner/smb/smb_login
-		msfconsole use auxiliary/scanner/smb/smb_enumshares
-		msfvenom
-	MITIGATION:
-		Firewall
-		Access Control List
-		PAM
+* [[Berbagai latihan serangan dan forensic pada Metasploitable]]
+* [[Forensic: nmap smb-enum-users.nse attack]]
+* [[Forensic: nmap mysql-brute.nse attack]]
+* [[Forensic: nmap ssh2-enum-algos attack]]
+* [[Forensic: msfconsole use auxiliary/scanner/smb/smb_login attack]]
+* [[Forensic: msfconsole use auxiliary/scanner/smb/smb_enumshares attack]]
+* [[Forensic: msfvenom attack]]
+* [[Example of attackes dan forensic using Metasploitable (en)]]
+* [[Forensic: nmap smb-enum-users.nse attack (en)]]
+* [[Forensic: nmap mysql-brute.nse attack (en)]]
+* [[Forensic: nmap ssh2-enum-algos attack (en)]]
+* [[Forensic: msfconsole use auxiliary/scanner/smb/smb_login attack (en)]]
+* [[Forensic: msfconsole use auxiliary/scanner/smb/smb_enumshares attack (en)]]
+* [[Forenisc: msfvenom attack (en) ]]
 ==PERTEMUAN: Laporan Forensic==
@@ Line 98: / Line 170: @@
 * [[Laporan Forensic: Prosedur Pemeriksaan]]
 * [[Laporan Forensic: Hasil Temuan]]
+* [[Forensic Report: Outline (en)]]
+* [[Forensic Report: Examination Procedures (en)]]
+* [[Forensic Report: Findings (en)]]

Difference between revisions of "Forensic: IT"

Latest revision as of 09:14, 29 October 2024

Contents

PERTEMUAN: Pengenalan IT Forensik

PERTEMUAN: Proses Akuisisi Data

PERTEMUAN: Analisis Data

PERTEMUAN: Investigasi Sistem Operasi

PERTEMUAN: Investigasi Jaringan

PERTEMUAN: Forensic eMail

PERTEMUAN: Forensic SQL Injection Attack

PERTEMUAN: Forensic Command Injection Attack

PERTEMUAN: Forensic Backdoor via Command Injection Attack

PERTEMUAN: Forensic File System Linux

PERTEMUAN: Investigasi Perangkat Mobile

PERTEMUAN: Misc Attack & Forensic

PERTEMUAN: Laporan Forensic

Navigation menu

Search