K-Tech Centre of Excellence in Cyber Security (CySecK)
Digital Defenders CTF 2023 Masterclass Webinar-6
Samgacchadhwam Series Webinar #62
Topic: Forensics - Part 2
Speaker: Mr. Nithin Chenthur P., Forensics Lead, Team bi0s, Ettimadai, Coimbatore
Date: Friday, 23rd June 2023
Time: 3:30 - 5:00 p.m.
During the first part of the webinar, we will uncover the secrets of steganography. You will learn the definition and purpose of steganography, which involves hiding information within various mediums. We will discuss different types of steganography techniques, including text-based, image-based, audio-based, and file-based methods. Moreover, we will showcase examples of steganography tools and their real-world applications, allowing you to gain a practical understanding of this fascinating field.
In the second part of the webinar, we will delve into the realm of disk forensics. We will begin by understanding how disk or secondary memory works and explore how data is managed and stored on a disk. You will learn about file retrieval and data carving techniques, which are essential for recovering data from compromised or damaged systems. We will delve into file system analysis, file carving, timeline analysis, and metadata analysis, equipping you with the necessary skills to conduct thorough disk forensics investigations.
In the final part of the webinar, we will introduce you to Volatility, a powerful framework for memory analysis. You will learn how to utilize Volatility tools to extract valuable information from memory captures. We will explain the concept of plugins and demonstrate their usage in analyzing memory data. Additionally, you will gain a basic understanding of memory architecture and learn how to extract important data such as running processes and files loaded into memory.
By the end of this webinar, you will have a comprehensive understanding of steganography techniques, disk forensics, and the Volatility framework for memory analysis. These skills and knowledge will enable you to uncover hidden information, analyze disk data, and extract valuable insights from memory captures. Don't miss this opportunity to enhance your expertise in DFIR.
Webinar Attendance:
To attend the webinar, please use the link given below:
Webinar Password: x2ZsW8PX6jD (92979879 from phones and video systems) Webinar Number (access code): 2572 012 3140 |
Assessment Link: Assessment Closed.
Webinar Registration:
This webinar is open to both the Digital Defenders Capture the Flag (CTF) 2023 registrants and to the general public. However, the following guidelines need to be followed:
Category 1: Digital Defenders Capture the Flag (CTF) 2023 Registrants
(a) Registration should have been completed through the Registration Form on the website: https://cs-coe.iisc.ac.in/ctf2023 on or before 5th June 2023.
(b) To be considered for the CTF, you need to attend/view the recordings of all the eight webinars and participate in all the post-Webinar Assessments that follow.
(c) Only
the Top 500 CTF 2023 Registrants with the highest scores in the
Assessments that follow each webinar would be eligible to participate in
the CTF.
Category 2: Members of the General Public (not registered for Digital Defenders CTF 2023)
(a) Please navigate to the URL: https://cs-coe.iisc.ac.in/portal/auth and register yourself with CySecK by clicking on "Register as User".
(b) Once registered on the CySecK website, please login and click on the "View" button below "Webinars" on your Dashboard page.
(c) Once you are on the "Webinars" page, please click on the title of the webinar which appears under "Webinars open for registrations".
(d) At the bottom of the screen, please click on "Register".
Note:
1) Google Form is used for Assessment and may ask for a Google Account login. Therefore, its preferred that you use a Gmail address.
2) We request you to please use the same email address to register for all CySeck activities and events.3) Please use your registered email address with CySecK/CTF 2023 to login to the webinar through Webex and while updating the "Email" field in the Assessment Form.