Difference between revisions of "Forensic: IT"
Jump to navigation
Jump to search
Onnowpurbo (talk | contribs) |
Onnowpurbo (talk | contribs) |
||
Line 53: | Line 53: | ||
* [[Tool dan Teknik]] | * [[Tool dan Teknik]] | ||
* [[Investigasi Intrusi]] | * [[Investigasi Intrusi]] | ||
+ | |||
+ | |||
+ | * [[Basic Network Concepts (en)]] | ||
+ | * [[Tools and Techniques (en)]] | ||
+ | * [[Intrusion Investigation (en)]] | ||
+ | |||
==PERTEMUAN: Forensic eMail== | ==PERTEMUAN: Forensic eMail== | ||
Line 58: | Line 64: | ||
* [[Hands-On: Attack Spoofing SMTP Server & WebMail]] | * [[Hands-On: Attack Spoofing SMTP Server & WebMail]] | ||
* [[Mitigasi eMail attack: GnuPG]] | * [[Mitigasi eMail attack: GnuPG]] | ||
+ | |||
+ | |||
+ | * [[SMTP, POP3, IMAP Protocols (en)]] | ||
+ | * [[Hands-On: Spoofing Attack on SMTP Server & WebMail (en)]] | ||
+ | * [[Mitigating eMail Attacks: GnuPG (en)]] | ||
==PERTEMUAN: Forensic SQL Injection Attack== | ==PERTEMUAN: Forensic SQL Injection Attack== | ||
Line 66: | Line 77: | ||
* [[Mitigasi: SQL Injection]] | * [[Mitigasi: SQL Injection]] | ||
* [[Mitigasi: Snort IPS]] | * [[Mitigasi: Snort IPS]] | ||
+ | |||
+ | |||
+ | * [[SQL Overview (en)]] | ||
+ | * [[MySQL (en)]] | ||
+ | * [[SQL Injection Attack (en)]] | ||
+ | * [[Hands-On: Attack SQL Injection (en)]] | ||
+ | * [[Mitigation: SQL Injection (en)]] | ||
+ | * [[Mitigation: Snort IPS (en)]] | ||
+ | |||
==PERTEMUAN: Forensic Command Injection Attack== | ==PERTEMUAN: Forensic Command Injection Attack== | ||
Line 73: | Line 93: | ||
* [[Forensic Command Injection Attack]] | * [[Forensic Command Injection Attack]] | ||
* [[Mitigasi Command Injection Attack]] | * [[Mitigasi Command Injection Attack]] | ||
+ | |||
+ | |||
+ | * [[Command Line on a Linux Server (en)]] | ||
+ | * [[Hands-on Command Injection Attack (en)]] | ||
+ | * [[Forensic Command Injection Attack (en)]] | ||
+ | * [[Mitigation of Command Injection Attack (en)]] | ||
+ | |||
==PERTEMUAN: Forensic Backdoor via Command Injection Attack== | ==PERTEMUAN: Forensic Backdoor via Command Injection Attack== | ||
Line 81: | Line 108: | ||
* [[Forensic backdoor di Ubuntu]] | * [[Forensic backdoor di Ubuntu]] | ||
* [[Mitigasi backdoor di Ubuntu]] | * [[Mitigasi backdoor di Ubuntu]] | ||
+ | |||
+ | |||
+ | * [[TCP port communication via nc (en)]] | ||
+ | * [[mkfifo: how it works (en)]] | ||
+ | * [[Hands-on mkfifo attack backdoor in DVWA via Command Injection (en)]] | ||
+ | * [[Forensic backdoor in Ubuntu (en)]] | ||
+ | * [[Mitigation of backdoor in Ubuntu (en)]] | ||
+ | |||
==PERTEMUAN: Forensic File System Linux== | ==PERTEMUAN: Forensic File System Linux== | ||
Line 87: | Line 122: | ||
* [[Hands-on File Forensic menggunakan dd, ntfsundelete, ext3undelete, dan extundelete]] | * [[Hands-on File Forensic menggunakan dd, ntfsundelete, ext3undelete, dan extundelete]] | ||
* [[Mitigasi agar file dan file system aman]] | * [[Mitigasi agar file dan file system aman]] | ||
+ | |||
+ | |||
+ | * [[Overview of dd, ntfsundelete, ext3undelete, and extundelete (en)]] | ||
+ | * [[Hands-on File Forensics using dd, ntfsundelete, ext3undelete, and extundelete (en)]] | ||
+ | * [[Mitigation to secure files and file systems (en)]] | ||
Line 96: | Line 136: | ||
* [[Hands-on Forensic Android menggunakan ADB]] | * [[Hands-on Forensic Android menggunakan ADB]] | ||
* [[Hands-on Forensic Android menggunakan ADB untuk analisa SMS, panggilan, kontak, Whatsapp, Data Lokasi]] | * [[Hands-on Forensic Android menggunakan ADB untuk analisa SMS, panggilan, kontak, Whatsapp, Data Lokasi]] | ||
+ | |||
+ | |||
+ | * [[Characteristics of Mobile Devices: Mobile Operating Systems, Third-Party Applications, Cloud Storage (en)]] | ||
+ | * [[Acquisition Techniques: Physical Extraction vs. Logical Extraction (en)]] | ||
+ | * [[Android Rooting Techniques if Necessary (en)]] | ||
+ | * [[Hands-on Android Forensics using ADB (en)]] | ||
+ | * [[Hands-on Android Forensics using ADB for analyzing SMS, calls, contacts, WhatsApp, Location Data (en)]] | ||
+ | |||
==PERTEMUAN: Misc Attack & Forensic== | ==PERTEMUAN: Misc Attack & Forensic== | ||
Line 121: | Line 169: | ||
* [[Laporan Forensic: Prosedur Pemeriksaan]] | * [[Laporan Forensic: Prosedur Pemeriksaan]] | ||
* [[Laporan Forensic: Hasil Temuan]] | * [[Laporan Forensic: Hasil Temuan]] | ||
+ | |||
+ | |||
+ | * [[Forensic Report: Outline (en)]] | ||
+ | * [[Forensic Report: Examination Procedures (en)]] | ||
+ | * [[Forensic Report: Findings (en)]] |
Revision as of 07:46, 20 October 2024
PERTEMUAN: Pengenalan IT Forensik
PERTEMUAN: Proses Akuisisi Data
- Basic Principles of Acquisition (en)
- Acquisition Techniques (en)
- Documentation and Chain of Custody (en)
PERTEMUAN: Analisis Data
PERTEMUAN: Investigasi Sistem Operasi
PERTEMUAN: Investigasi Jaringan
PERTEMUAN: Forensic eMail
- Protocol SMTP POP3 IMAP
- Hands-On: Attack Spoofing SMTP Server & WebMail
- Mitigasi eMail attack: GnuPG
- SMTP, POP3, IMAP Protocols (en)
- Hands-On: Spoofing Attack on SMTP Server & WebMail (en)
- Mitigating eMail Attacks: GnuPG (en)
PERTEMUAN: Forensic SQL Injection Attack
- SQL Overview
- MySQL
- SQL Injection Attack
- Hands-On: Attack SQL Injection
- Mitigasi: SQL Injection
- Mitigasi: Snort IPS
- SQL Overview (en)
- MySQL (en)
- SQL Injection Attack (en)
- Hands-On: Attack SQL Injection (en)
- Mitigation: SQL Injection (en)
- Mitigation: Snort IPS (en)
PERTEMUAN: Forensic Command Injection Attack
- Command Line di Server Linux
- Hands-on Command Injection Attack
- Forensic Command Injection Attack
- Mitigasi Command Injection Attack
- Command Line on a Linux Server (en)
- Hands-on Command Injection Attack (en)
- Forensic Command Injection Attack (en)
- Mitigation of Command Injection Attack (en)
PERTEMUAN: Forensic Backdoor via Command Injection Attack
- TCP port communication via nc
- mkfifo: cara kerja
- Hands-on mkfifo attack backdoor di DVWA via Command Injection
- Forensic backdoor di Ubuntu
- Mitigasi backdoor di Ubuntu
- TCP port communication via nc (en)
- mkfifo: how it works (en)
- Hands-on mkfifo attack backdoor in DVWA via Command Injection (en)
- Forensic backdoor in Ubuntu (en)
- Mitigation of backdoor in Ubuntu (en)
PERTEMUAN: Forensic File System Linux
- Overview tentang dd, ntfsundelete, ext3undelete dan extundelete
- Hands-on File Forensic menggunakan dd, ntfsundelete, ext3undelete, dan extundelete
- Mitigasi agar file dan file system aman
- Overview of dd, ntfsundelete, ext3undelete, and extundelete (en)
- Hands-on File Forensics using dd, ntfsundelete, ext3undelete, and extundelete (en)
- Mitigation to secure files and file systems (en)
PERTEMUAN: Investigasi Perangkat Mobile
- Karakteristik Perangkat Mobile: Sistem operasi mobile, Aplikasi pihak ketiga, Cloud storage
- Teknik Akuisisi Physical extraction vs. Logical extraction
- Teknik Rooting Android jika diperlukan
- Hands-on Forensic Android menggunakan ADB
- Hands-on Forensic Android menggunakan ADB untuk analisa SMS, panggilan, kontak, Whatsapp, Data Lokasi
- Characteristics of Mobile Devices: Mobile Operating Systems, Third-Party Applications, Cloud Storage (en)
- Acquisition Techniques: Physical Extraction vs. Logical Extraction (en)
- Android Rooting Techniques if Necessary (en)
- Hands-on Android Forensics using ADB (en)
- Hands-on Android Forensics using ADB for analyzing SMS, calls, contacts, WhatsApp, Location Data (en)
PERTEMUAN: Misc Attack & Forensic
- Berbagai latihan serangan dan forensic pada Metasploitable
- Forensic: nmap smb-enum-users.nse attack
- Forensic: nmap mysql-brute.nse attack
- Forensic: nmap ssh2-enum-algos attack
- Forensic: msfconsole use auxiliary/scanner/smb/smb_login attack
- Forensic: msfconsole use auxiliary/scanner/smb/smb_enumshares attack
- Forenisc: msfvenom attack
- Example of attackes dan forensic using Metasploitable (en)
- Forensic: nmap smb-enum-users.nse attack (en)
- Forensic: nmap mysql-brute.nse attack (en)
- Forensic: nmap ssh2-enum-algos attack (en)
- Forensic: msfconsole use auxiliary/scanner/smb/smb_login attack (en)
- Forensic: msfconsole use auxiliary/scanner/smb/smb_enumshares attack (en)
- Forenisc: msfvenom attack (en)
PERTEMUAN: Laporan Forensic