Before the course |
|
(W00) Course Instructions |
|
00:00:00 |
|
(W37M01) MacOS Anti-forensics: The Introduction |
|
00:00:00 |
|
(W37M02) MacOS Anti-forensics: Releases & Components |
|
00:00:00 |
|
(W37M03) People working in macOS anti-forensics & Wrap-up |
|
00:00:00 |
|
(W37M04) MacOS components and anti-forensics |
|
00:00:00 |
|
(W37A01) Introductory Assignment |
30, 00:00 |
Module 1 |
|
(W37M05) Introduction to Module 1 |
|
00:00:00 |
|
(W37M06) Introduction to macOS anti-forensics |
|
00:00:00 |
|
(W37M07) Categories of macOS anti-forensics |
|
00:00:00 |
|
(W37M08) macOS components critical for anti-forensics |
|
00:00:00 |
|
(W37M09) Category - Data Hiding |
|
00:00:00 |
|
(W37M10) Category - Artefact wiping |
|
00:00:00 |
|
(W37M11) Category - Trail Obfuscation |
|
00:00:00 |
|
(W37M12) Category - Attacks Against Forensics |
|
00:00:00 |
|
(W37M13) Category - Case Study - the Marble framework |
|
00:00:00 |
|
(W37M14) Privacy protection in Safari, Part 1 |
|
00:00:00 |
|
(W37M15) Privacy protection in Safari, Part 2 |
|
00:00:00 |
|
(W37A02) Module 1 Assignments |
30, 00:00 |
Module 2 |
|
(W37M16) Tooling introduction - data hiding |
|
00:00:00 |
|
(W37M17) Data hiding - SilentEye walkthrough |
|
00:00:00 |
|
(W37M18) Data hiding - SilentEye Overview |
|
00:00:00 |
|
(W37M19) Data Hiding - SilentEye - Pros and Cons |
|
00:00:00 |
|
(W37M20) Data hiding experiments: SilentEye - lab setup |
|
00:00:00 |
|
(W37M21) SilentEye - Steganography without encrytpion |
|
00:00:00 |
|
(W37M22) SilentEye: Steganography with encryption |
|
00:00:00 |
|
(W37M23) SilentEye: File in an image steganography without encryption |
|
00:00:00 |
|
(W37M24) SilentEye: File in an image steganography with encryption |
|
00:00:00 |
|
(W37M25) Data hiding: Intro to Filevault |
|
00:00:00 |
|
(W37M26) Data hiding: enable Filevault |
|
00:00:00 |
|
(W37M27) Data hiding: disable Filevault |
|
00:00:00 |
|
(W37M28) Datahiding: Filevault Pros and Cons |
|
00:00:00 |
|
(W37M29) What is artefact wiping? |
|
00:00:00 |
|
(W37M30) Artefact wiping with Disk Utility |
|
00:00:00 |
|
(W37M31) Experiments with Disk Utility |
|
00:00:00 |
|
(W37M32) Diskutulity Pros and Cons |
|
00:00:00 |
|
(W37M33) Intro to Disk Utility debug model |
|
00:00:00 |
|
(W37M34) Experiments with Disk Utility Debug |
|
00:00:00 |
|
(W37M35) Disk Utility Debug Pros and Cons |
|
00:00:00 |
|
(W37M36) What is trail obfuscation? |
|
00:00:00 |
|
(W37M37) Trail obfuscation experiments |
|
00:00:00 |
|
(W37M38) Trail obfuscation - experiment |
|
00:00:00 |
|
(W37M39) Tunnelblick and obfsproxy - Lab setup |
|
00:00:00 |
|
(W37M40) Tunnelblick walkthrough |
|
00:00:00 |
|
(W37M41) Trail obfuscation - Get the IP address |
|
00:00:00 |
|
(W37M42) Tunnelblick - Pros and Cons |
|
00:00:00 |
|
(W37M43) Attacks against forensics - introduction |
|
00:00:00 |
|
(W37M44) What is counterforensics? |
|
00:00:00 |
|
(W37M45) What is CyberChef? |
|
00:00:00 |
|
(W37M46) Lab Setup - CyberChef |
|
00:00:00 |
|
(W37M48) CyberChef walkthrough |
|
00:00:00 |
|
(W37M49) CyberChef operation DateTime |
|
00:00:00 |
|
(W37M50) CyberChef operation zip/unzip |
|
00:00:00 |
|
(W37M51) CyberChef operation: hashing |
|
00:00:00 |
|
(W37M52) How to work with a recipe |
|
00:00:00 |
|
(W37M53) CyberChef - Morse Code |
|
00:00:00 |
|
(W37M54) Cyberchef: dataformat |
|
00:00:00 |
|
(W37M55) CyberChef - pros and cons |
|
00:00:00 |
|
(W37M47) Information on module 2 examination |
|
00:00:00 |
|
(W37A03) Module 2 Assignments - Theory |
30, 00:00 |
|
(W37A04) Module 2 Assignments - Practice |
30, 00:00 |
|
(W37M00) Usecases - Addendum |
|
00:00:00 |
|
(W37A03) Module 2 Assignments - Theory |
30, 00:00 |
|
(W37A04) Module 2 Assignments - Practice |
30, 00:00 |
Module 3 |
|
(W37M00) Module 3 Introduction |
|
00:00:00 |
|
(W37M56) Forensics vs Anti-Forensics Arms Race |
|
00:00:00 |
|
(W37M57) Anti-Forensics - macOS vs Windows |
|
00:00:00 |
|
(W37M58) Windows Anti-Forensic Tools - BitLocker |
|
00:00:00 |
|
(W37M59) Case Study - IoT |
|
00:00:00 |
|
(W37M60) Case study - fileless malware |
|
00:00:00 |
|
(W37M61) Effectiveness of Anti-Forensics Software |
|
00:00:00 |
|
(W37M62) Case Study - Azure Sphere |
|
00:00:00 |
|
(W37M63) Case Study - ITP2 |
|
00:00:00 |
|
(W37M64) Case-Study - Celeb Gate |
|
00:00:00 |
|
(W37M65) iOS and macOS - future plans |
|
00:00:00 |
|
(W37A05) Module 3 Exercises |
30, 00:00 |
|
(W37M00) Addendum: FAQ - Project Marzipan |
|
00:00:00 |
Final Exam |
|
(W37A06) Final Exam |
30, 00:00 |