IFCI Expert Cybercrime Investigators Course

Protect your network – Put cybercriminals in jail. Learn computer forensics, malware analysis and hacker investigations.
IFCI Expert Cybercrime Investigators Course
File Size :
10.21 GB
Total length :
16h 22m



Brian Hussey


Last update




IFCI Expert Cybercrime Investigators Course

What you’ll learn

Respond to cybercrime incidents, forensic acquisition, volatile memory acquisition, and live system analysis.
Conduct full system computer forensic investigation, recover deleted files, carve data structures from unallocated space.
Identify, extract, and analyze malware.
Analyze data breach incidents to determine if and what data was stolen.
Conduct volatile memory analysis using Volatility.
Learn the history of cybercrime, how it intertwines with organized crime, is monetized, cyber espionage, cyber terror and nation state sponsored attacks.
Learn hacker tactics, techniques, and procedures – and how to defend against them.
Learn techniques to pursue cybercriminals across the globe.
Testify as an expert witness against computer criminals.
Take the exam and become a professional IFCI Certified Cybercrime Investigator (IFCI-CCI)

IFCI Expert Cybercrime Investigators Course


This course is for computer forensics beginners who are already skilled in general usage of Windows computers.


What is the IFCI Cybercrime Investigator’s Course?
IFCI’s flagship training program is the IFCI-CCI (Cybercrime Investigator) Training course. The IFCI-CCI teaches students the skills necessary to respond to all kinds of cybercrime incidents, from initial incident response and digital crime scene evidence acquisition to advanced forensic analysis and tracking International cybercriminals across the Internet.
The main goal for this course is to empower the nation’s cyber investigators with the knowledge, skills and abilities to undertake and successfully carry out their own investigations. This course is the first step for investigators to turn the tables on cyber criminals who are fleecing legitimate economies worldwide of billions of dollars every year.
Some Course highlights include:
15 hands-on labs – devised of real world scenarios Analysis of Windows forensic artifacts Volatile memory analysis Network intrusion investigations Internet activity and email analysis Network traffic data analysis International cybercriminal profiling Attack vector identification Dynamic malware analysis
Who Should Take this course?
Anybody whose job requires them to respond to cyber incidents, or anyone with an interest in cybercrime investigation, should take the IFCI-CCI training course. This course will help you by providing fast solutions to the following emergency situations:
Corporate Risk/Security – Intellectual Property Theft Case: Your Research and Development Director quits and goes to work for a competitor.
Can you determine if he copied your company’s secrets to a USB drive to take with him?
Police Investigations – Kidnapping Case: A child is taken from his home at night and the family receives an email with a proof-of-life picture and ransom demand.
Can you extract IP addresses from the email headers to track the offender back to his location, or extract lat/long coordinates from the picture’s EXIF data to determine the exact location the picture was taken?
IT Security Team – Rogue Malware Case: You discover malware on an internal corporate computer but you don’t know what it does or why it’s there.
Can you analyze the malware, determine its capabilities, identify its target data, and destroy its data exfiltration file before your corporate proprietary information is lost?
Federal Cyber Agent – Botnet Investigation Case: You’ve tracked botnet malware back to a specific set of command and control servers, but what’s the next step?
Can you determine the server’s physical location in the world and research current and historical whois information? Are you able to research other malicious domains associated with the same IP address and track Command and Control proxy servers back to specific malicious actors?
E-Discovery Analyst – File access case: You’ve recovered and indexed thousands of PDF files on a computer. One was flagged as key to the case and you are asked if the computer owner knew of and accessed this file.
Can you examine the Windows registry and link files to determine the exact time and date that specific users accessed individual files?

Why take this course?
Cybercrime is epidemic. The headlines declare it daily:
2015 – SONY is devastated by an attack that destroys its internal systems, steals terabytes of private data, posts unreleased movies on Internet torrent sites, and humiliates corporate executives. The cost to corporate image and revenue stream is uncountable. 2014 – Home Depot is hacked, losing an estimated 55 million credit cards to the cybercrime underground. 2013 – Russian Hackers steal 40 million credit cards from Target, resulting in approx $1 billion in losses to the company. 2012 – The Shamoon virus destroys nearly 30,000 Saudi Aramco Computers, temporarily shutting down one of the world’s largest corporations. 2011 – SONY data breach lost personal details and payment information for approximately 77 million customers, resulting in massive monetary loss and the temporary closure of the PlayStation Gaming Network.
The corporations victimized in these situations were unprepared to respond to the attacks causing delayed investigations and reduced information flow to decision-making executives. Eventually, they contracted out the investigations to high-priced consultants, whose investigative results were often too little, too late.
IFCI-CCI’s mission is to provide our students the knowledge and skills necessary to respond to network attacks immediately, analyze the evidence, produce actionable cyber-intelligence, and implement it to shore up security vulnerabilities before they become massive breaches like those mentioned above.
There is a dearth of quality training in computer forensics, even less for hacker and malware focused investigations, and almost nothing that is available in a convenient online format that can be studied from the comfort of your own home, and fit to your own schedule. IFCI fills this void by providing the finest cybercrime investigation training in the world, created and delivered by some of the world’s foremost experts in their field, and streamed directly to any Internet-connected device you choose to employ.


Section 1: Computer Forensics Core Concepts

Lecture 1 The World of Cybercrime Investigation

Lecture 2 Subfields of Computer Forensics

Lecture 3 Roles and Responsibilities of the Cybercrime Investigator

Lecture 4 Computer Forensic Tools and Testing

Lecture 5 Sources of Digital Evidence

Lecture 6 Home Computer Setup for IFCI Labs

Section 2: Forensic Acquisitions: Theory & Practice

Lecture 7 Incident Response Triage and Forensic Acquisitons

Lecture 8 Hashes – Digital Fingerprints

Lecture 9 Lab1 – Hashing

Lecture 10 Incident Responder’s Forensic Acquisition Process

Lecture 11 Different Approaches to Forensic Acquisition

Lecture 12 Volatile Memory Acquisition

Lecture 13 Lab2 – Forensic Acquisition Lab

Section 3: File Systems, Data Structures, and File Deletion Recovery

Lecture 14 Introduction to File Systems and Operating Systems

Lecture 15 Data Structures

Lecture 16 Slack Space and Deleted Files

Lecture 17 File System Limitations

Lecture 18 FAT File Systems

Lecture 19 NTFS File Systems

Lecture 20 File Carving and File Fragmentation

Lecture 21 Lab 3 Deleted File Recovery

Section 4: Email & Internet History Analysis

Lecture 22 Email Analysis

Lecture 23 Host and Web Based Email Extraction

Lecture 24 Email Header Analyisis and Base64 Encoding

Lecture 25 LAB 4 – Email Analysis

Lecture 26 Internet Activity Analysis Introduction

Lecture 27 Chrome and Firefox Analysis

Lecture 28 Internet Explorer Analysis

Lecture 29 Cookies, Cache, and IE Artifacts

Lecture 30 URL Obfuscation

Lecture 31 LAB 5 – Internet Activity Analysis

Section 5: Windows System Forensic Artifacts – Part 1

Lecture 32 Timeline Analysis

Lecture 33 Time Zone Issues

Lecture 34 Time Stamps

Lecture 35 Non-Standard Timestamps and Timeline Antiforensics

Lecture 36 MAC Time Triangulation

Lecture 37 User Attribution and Analysis

Lecture 38 Recycle Bin Analysis

Lecture 39 Lab 6 – Recycle Bin Analysis

Lecture 40 Link File Analysis

Lecture 41 Other Locations of Interest

Lecture 42 Lab 7 – Link File Analysis

Section 6: Windows System Forensic Artifacts Part 2 and File Signature Analysis

Lecture 43 Thumbs.db and Thumbcache Analysis

Lecture 44 Prefetch File Analysis

Lecture 45 Lab 8 – Prefetch File Analysis

Lecture 46 Persistent RAM Files and System Restore Functions

Lecture 47 File Signature Analysis

Lecture 48 Lab 9 – File Signature Analysis

Lecture 49 Metadata Analysis

Lecture 50 Exif Data Analysis

Lecture 51 Lab 10 – Exif Data Analysis

Section 7: Module 7 – Windows System Logs & Registry Analysis

Lecture 52 Windows Log Analysis

Lecture 53 System and Application Event Log Analysis

Lecture 54 Security Event Log Analysis

Lecture 55 Dr Watson Logs

Lecture 56 Lab 11 – Event Log Analysis

Lecture 57 Introduction to the Windows Registry

Lecture 58 Registry Analysis -USB Devices

Lecture 59 Registry Analysis – NTUser.dat – Part 1

Lecture 60 Registry Analysis – NTUser.dat – Part 2

Lecture 61 Registry Analysis – Autostarts

Lecture 62 Lab 12 – Registry Analysis

Section 8: Introduction to Malware and Network Intrusions

Lecture 63 The Hacking Process

Lecture 64 Hacker Motivations

Lecture 65 Hacker Strategies

Lecture 66 Botnet Investigations

Lecture 67 Drive-by Downloads

Lecture 68 Malware Propagation

Lecture 69 Polymorphism and Packers

Lecture 70 Social Engineering

Lecture 71 Rootkits

Section 9: Network Data Analysis

Lecture 72 Network Data Evidence and IP Addressing

Lecture 73 TCP and UDP Communication Protocols

Lecture 74 Network Communication and Ports

Lecture 75 HTTP Analysis and DNS Poisioning

Lecture 76 Network Scanners and Sniffers

Section 10: Cybercrime, Cyber Terror, & Cyber Espionage Investigations

Lecture 77 The Blurred Lines Between Cybercrime, Cyberwar, and Cyberespionage

Lecture 78 The Intersection of Cybercrime and Cyberwar

Lecture 79 Russian Organized Cybercrime

Lecture 80 Supply Chain Interdiction

Lecture 81 Criminal Domain Investigations

Lecture 82 Domain and IP Address Investigation Tools

Lecture 83 Lab 13 – Criminal Domain Investigations

Lecture 84 Stuxnet

Lecture 85 Point of Sale Server Attacks

Lecture 86 Point of Sale Server- Malware

Lecture 87 Point of Sale Server- Exfiltration

Lecture 88 Point of Sale Server- Advanced Investigative Techniques

Section 11: Volatile Memory Analysis

Lecture 89 Volatile Memory Analysis Introduction

Lecture 90 Volatility Introduction

Lecture 91 Analyzing ZeuS Malware with Volatility

Lecture 92 Malware Analysis Using Volatility – Part 1

Lecture 93 Malware Analysis Using Volatility – Part 2

Lecture 94 Volatility – Advanced Capabilities

Lecture 95 Lab 14_1 Volatile Memory Analysis of IRC Malware and VNC Attack

Lecture 96 Lab 14_2 Volatile Memory Analysis of SilentBanker Malware

Section 12: Dynamic Malware Analysis

Lecture 97 Introduction to Dynamic Malware Analysis

Lecture 98 Virtual Malware Analysis Environment Setup – Part 1

Lecture 99 Virtual Malware Analysis Environment Setup – Part 2

Lecture 100 IRC Malware Analysis – Part 1

Lecture 101 IRC Malware Analysis – Part 2

Lecture 102 Lab 15 – Basic Malware Analysis – IRC Bot

Lecture 103 Lab 16-1 Advanced Malware Analysis – Rootkits

Lecture 104 Lab 16-2 Advanced Malware Analysis – Rootkits

Lecture 105 Lab 16-3 Advanced Malware Analyis – Rootkits

Lecture 106 Lab 16-4 Advanced Malware Analysis – Rootkits

Section 13: IFCI Course – Wrapup

Lecture 107 IFCI Course Review

Technical personnel tasked with, or interested in network security, computer forensics, or malware analysis.,Law enforcement officers, federal agents, and intelligence analysts tasked with cyber operations will all benefit from this course.,This is a beginner’s course, it is also very useful for hobbyists, reporters, and any interested parties.,While this is a beginner’s course, the material gets more and more complex as the class continues. It is in-depth, detailed, and hands-on and requires maximum effort for maximum benefit – therefore it is not recommended for casual observers not interested in putting forth the effort required to learn the material.

Course Information:

Udemy | English | 16h 22m | 10.21 GB
Created by: Brian Hussey

You Can See More Courses in the IT & Software >> Greetings from CourseDown.com

New Courses

Scroll to Top