Shows
CyberCode AcademyCourse 22 - Digital Forensics: RAM Extraction Fundamentals | Episode 5: Forensic Access and RAM Extraction with InceptionIn this lesson, you’ll learn about:The forensic purpose of Inception for accessing live, locked systems without powering them downWhy volatile memory preservation makes Inception valuable during on-scene triageHow the DMA exploit works via FireWire and Thunderbolt interfacesThe concept of planting a temporary RAM-based authentication bypass that disappears after rebootHow Inception is integrated into the Paladin forensic suiteThe practical setup process, including booting Paladin, escalating privileges with sudo -s, and running inceptThe importance of selecting the correct operating sy...
2026-02-0814 min
CyberCode AcademyCourse 22 - Digital Forensics: RAM Extraction Fundamentals | Episode 4: RAM Capture via Magnet and FTK ImagerIn this lesson, you’ll learn about:A technical overview of memory acquisition using Magnet RAM Capture and FTK ImagerHow RAM footprint size affects evidence integrity during live memory collectionThe key features of Magnet RAM Capture, including custom output paths and memory image splittingWhy file segmentation is operationally important when handling large RAM capturesThe role of FTK Imager as a multifunctional triage and imaging toolFTK Imager’s additional capabilities, such as registry collection, hexadecimal viewing, and logical drive previewPerformance benc...
2026-02-0711 min
CyberCode AcademyCourse 22 - Digital Forensics: RAM Extraction Fundamentals | Episode 3: Comparing Belkasoft and Magnet ToolsIn this lesson, you’ll learn about:The role of RAM acquisition in digital forensics and why volatile memory is critical evidenceHow benchmarking RAM extraction tools helps investigators make defensible tactical decisionsA technical comparison between Belkasoft RAM Capturer and Magnet RAM CaptureThe trade-offs between system footprint and extraction speed during live memory captureHow both tools operate in kernel mode and why this matters for bypassing OS protectionsDifferences in output formats (.mem vs .dmp) and their forensic implicationsPractical factors fo...
2026-02-0611 min
CyberCode AcademyCourse 22 - Digital Forensics: RAM Extraction Fundamentals | Episode 2: Benchmarking Tools and Using MoonSols DumpItIn this lesson, you’ll learn about:Why Benchmarking RAM Extraction Tools MattersHow benchmarking supports defensible tool selection in forensic investigations.Using measurable metrics to justify decisions during reports or court testimony.Understanding that different systems and environments can affect tool behavior.Key Benchmarking CriteriaRAM Footprint: Measuring how much memory the tool consumes while running and how much evidence it overwrites.Extraction Speed: Evaluating how fast a full memory dump can be completed, especially when using high-speed media like USB 3.0 drives.Ex...
2026-02-0511 min
CyberCode AcademyCourse 22 - Digital Forensics: RAM Extraction Fundamentals | Episode 1: Value, Strategy, and Technical PreparationIn this lesson, you’ll learn about:Why RAM Is Critical Forensic EvidenceHow volatile memory captures data that never touches disk and is lost on shutdown.Recovering private browsing sessions, chat data, webmail content, and remnants of failed wiping attempts.Identifying in-memory malware, including rootkits, injected code, and hidden processes that evade disk-based scanners.Extracting encryption keys and credentials (e.g., BitLocker, TrueCrypt, cached passwords) that unlock otherwise inaccessible evidence.The “RAM Debate”: When to Capture vs. When to SkipUnderstanding how missing RAM eviden...
2026-02-0416 min
CyberCode AcademyCourse 21 - Digital Forensics: Windows Shellbags | Episode 5: Shellbags Forensics: Validating Network Drive ActivityIn this lesson, you’ll learn about:Validating Network Drive Activity with ShellbagsHow Windows Shellbags act as a silent witness for user interaction with network shares and mapped drives.Why UsrClass.dat is a critical artifact for proving access to remote resources, even when permissions are restricted.Recording Remote Folder AccessHow accessing a mapped network drive (e.g., Z:) generates Shellbag entries.Capturing exact remote folder paths (such as administrative or restricted directories) that a user navigated to.Demonstrating that Shellbags records navigation, no...
2026-02-0312 min
CyberCode AcademyCourse 21 - Digital Forensics: Windows Shellbags | Episode 4: Shellbag Forensics: Tracking USB Device History and Artifact ValidationIn this lesson, you’ll learn about:USB Forensics Using Shellbag ArtifactsHow Windows Shellbags can be leveraged to reconstruct user interaction with removable media.Why Shellbags are valuable for determining whether files were copied to or from USB devices, even when the media is no longer connected.Initial Evidence Generation and CollectionCreating controlled forensic artifacts by moving test files onto a FAT16-formatted USB drive.Exporting relevant registry hives (such as USRCLASS.DAT) using FTK Imager.Loading these hives into Shellbag Explorer for st...
2026-02-0212 min
CyberCode AcademyCourse 21 - Digital Forensics: Windows Shellbags | Episode 3: ShellBag Forensics: Practical Validation and Timestamp AnalysisIn this lesson, you’ll learn about:Practical ShellBag Forensics WorkflowHow ShellBags function as registry-based artifacts that record user folder interaction and view preferences.The full investigative cycle: evidence creation, acquisition, analysis, and validation.Registry Hive AcquisitionCreating controlled user activity (e.g., test folders) to deliberately generate ShellBag evidence.Exporting NTUSER.DAT from the root of the user profile and USRCLASS.DAT from the AppData directory using FTK Imager.Required system configuration steps, including enabling hidden files and protected operating system files, to ac...
2026-02-0113 min
CyberCode AcademyCourse 21 - Digital Forensics: Windows Shellbags | Episode 2: Forensic System Setup and Local Drive IntegrationIn this lesson, you’ll learn about:Preparing a Forensic WorkstationThe purpose of using a controlled forensic setup to safely extract and analyze system artifacts.Why working from an acquired drive or image is critical for maintaining evidentiary integrity.Essential Tools for Shellbag and Registry AnalysisShellbags Explorer: Used to parse and analyze shellbag artifacts associated with user folder navigation.FTK Imager (Lite): A portable, self-contained tool for accessing drives and exporting forensic artifacts without installing software on the target system.Loading a System Dr...
2026-01-3114 min
CyberCode AcademyCourse 21 - Digital Forensics: Windows Shellbags | Episode 1: Windows Shellbags: Forensic Fundamentals and Deep Dive AnalysisIn this lesson, you’ll learn about:What Windows Shellbags Are and Why They MatterHow shellbags are registry-based artifacts created by Windows Explorer to store folder view preferences.Why they are a powerful source of user activity evidence, even when files or folders no longer exist.How Shellbags Are Created and UpdatedThe specific user actions that trigger shellbag updates, such as resizing windows or changing icon views.Why even casual folder browsing can leave long-lasting forensic traces.Forensic Value of Shellbags...
2026-01-3013 min
CyberCode AcademyCourse 20 - Malware Analysis: Identifying and Defeating Code Obfuscation | Episode 5: Identifying and Analyzing Cryptography in MalwareIn this lesson, you’ll learn about:Why Malware Uses Cryptography and EncodingHow encryption and encoding are used to conceal payloads, configuration data, and command-and-control traffic.The difference between encoding (obfuscation for transport) and encryption (confidentiality and anti-analysis).Why cryptographic protections are often the final barrier hiding a malware sample’s true behavior.Common Encoding and Encryption TechniquesSimple schemes such as XOR loops and Base64 for lightweight obfuscation.Strong cryptographic algorithms including AES and RC4 to protect embedded payloads and network communications.
2026-01-2918 min
CyberCode AcademyCourse 20 - Malware Analysis: Identifying and Defeating Code Obfuscation | Episode 4: Dynamic API Resolution: Walking the PEB and ParsingIn this lesson, you’ll learn about:Why Malware Builds Its Own Import TablesHow bypassing static, dynamic, and runtime linking hides API usage from analysis tools.Why this technique is especially valuable for shellcode, which executes without a normal Windows loader.How custom API resolution breaks automated inspection and signature-based detection.Locating System Libraries via the PEBAccessing the Process Environment Block (PEB) through the FS register (offset 0x30).Navigating PEB_LDR_DATA to enumerate loaded modules.Walking linked lists such as...
2026-01-2816 min
CyberCode AcademyCourse 20 - Malware Analysis: Identifying and Defeating Code Obfuscation | Episode 3: Analyzing and Defeating String Obfuscation in NativeIn this lesson, you’ll learn about:String Obfuscation in Native Malware:Why string analysis is significantly harder in native code compared to interpreted languages.How compiled binaries store logic as machine instructions inside formats like the Portable Executable (PE), requiring reverse engineering rather than simple string extraction.Core Native String-Hiding Techniques:Stack Strings: Constructing strings dynamically on the stack using assembly instructions instead of storing them in readable sections of the binary.Checksum-Based Resolution: Hiding API and file names by comparing runtime-generated hashes against hard-coded ch...
2026-01-2715 min
CyberCode AcademyCourse 20 - Malware Analysis: Identifying and Defeating Code Obfuscation | Episode 2: Analyzing and Defeating Obfuscation in VBAIn this lesson, you’ll learn about:Obfuscation in Interpreted Code:Why interpreted languages like VBA and PowerShell are still heavily obfuscated despite being easier to access than native binaries.Common tactics such as junk instructions, string and object obfuscation, and nonsensical naming designed to slow analysis rather than prevent it.Analyzing Malicious VBA Macros:Extracting macro code from Office documents using stream-analysis tools.Identifying execution entry points such as AutoOpen to understand how and when malicious logic is triggered.Tracing string operations to un...
2026-01-2619 min
CyberCode AcademyCourse 20 - Malware Analysis: Identifying and Defeating Code Obfuscation | Episode 1: Defeating Malware Obfuscation: Fundamentals, ImpactIn this lesson, you’ll learn about:The Purpose of Code Obfuscation:Defining obfuscation as the practice of intentionally making software difficult to read or analyze.How malware authors use obfuscation to hide strings, functions, payloads, and command-and-control communication.The concept of “raising the bar” for analysts by increasing the time and effort required to understand malicious intent.Legitimate uses of obfuscation for protecting intellectual property in commercial software.Obfuscation Across Programming Architectures:The differences between native code (C, C++, Assembly) and interpreted or manage...
2026-01-2514 min
CyberCode AcademyCourse 19 - Ultimate Rust Crash Course | Episode 5: Rust Concurrency Fundamentals: Closures, Threads, and Channel CommunicationIn this lesson, you’ll learn about:Functional Programming with Closures:Defining closures as anonymous functions that capture values from their surrounding scope.Using closures with iterator methods like map, filter, and fold to transform data.The difference between borrowing closures and move closures, and why move semantics are required for safe multi-threaded execution.Multi-threaded Execution in Rust:Spawning threads with thread::spawn and running closures as thread entry points.Using join handles to wait for thread completion and handle potential panics.Understanding pe...
2026-01-2414 min
CyberCode AcademyCourse 19 - Ultimate Rust Crash Course | Episode 4: Rust Foundations: Structs, Traits, CollectionsIn this lesson, you’ll learn about:Data Organization with Structs and Traits:Using structs to group data fields, methods, and associated functions.Defining shared behavior with traits instead of inheritance.Writing generic functions that operate on any type implementing a required trait.Using default trait implementations to share common behavior without repetitive code.Managing Data with Standard Collections:Vectors (Vec): Dynamic lists or stacks for storing items of the same type.HashMaps: Key–value storage with efficient lookup and removal.Sp...
2026-01-2316 min
CyberCode AcademyCourse 19 - Ultimate Rust Crash Course | Episode 3: Rust Fundamentals: Mastering Ownership, References, and BorrowingIn this lesson, you’ll learn about:Ownership and Memory Management in Rust:How Rust guarantees memory safety without a garbage collector.The difference between stack and heap memory and how data lifecycles are managed.The Mechanics of Ownership:Rust’s three core ownership rules:Every value has a single owner.Only one owner exists at a time.Values are dropped immediately when the owner goes out of scope.The distinction between moving values (invalidating the original variable) and cloning valu...
2026-01-2210 min
CyberCode AcademyCourse 19 - Ultimate Rust Crash Course | Episode 2: Rust Core Foundations: Data Types, Control Flow, and String HandlingIn this lesson, you’ll learn about:Core Data Representations in Rust:Scalar types: integers (signed i and unsigned u), floating-point types (f32, f64), booleans, and Unicode char values.Compound types: tuples (accessed via indexing or destructuring) and fixed-size arrays stored on the stack, along with their practical limits.Project Organization and Reusability:Moving logic into a library file (lib.rs).Exposing functions with the pub keyword and importing them using use statements.Control Flow and Program Logic:Using if as an ex...
2026-01-2112 min
CyberCode AcademyCourse 19 - Ultimate Rust Crash Course | Episode 1: Rust Programming Foundations: From Cargo Tooling to Core Syntax and ModulesIn this lesson, you’ll learn about:The Rust Ecosystem and Tooling:Using Cargo as Rust’s package manager, build system, and documentation tool.Creating projects with cargo new, managing dependencies in Cargo.toml, and running code with cargo run.Understanding the difference between debug builds and optimized release builds.Variables and Constants:Declaring variables with let in a strongly typed language with type inference.Rust’s default immutability model and using mut for mutable values.Defining constants (const) with explicit types and co...
2026-01-2013 min
CyberCode AcademyCourse 18 - Evading IDS Firewalls and Honeypots | Episode 6: Mastering Malware Evasion: Stealth, Obfuscation, and Anti-AnalysisIn this lesson, you’ll learn about:Evading Initial Detection:Payload Obfuscation: Encoding payloads multiple times to cloak them from IDS detection.Benign Carrier Injection: Hiding malicious code inside legitimate scripts (e.g., Python Base64 payloads).Custom Packaging: Using packers to compress or encrypt malware, creating unique fingerprints that bypass signature-based detection.Post-Penetration Stealth:Fileless Attacks: Running scripts directly in memory via tools like PowerShell, avoiding disk storage.Folder Cloaking: Hiding directories using CLSID entries and desktop.ini files.Alternate Data Streams (AD...
2026-01-1912 min
CyberCode AcademyCourse 18 - Evading IDS Firewalls and Honeypots | Episode 5: Intrusion Detection and Prevention: Strategies, Tools, and IntelligenceIn this lesson, you’ll learn about:Foundations of Intrusion Defense:Multi-layered defense-in-depth strategies using models like SAPSA.Difference between Intrusion Detection Systems (IDS), which alert operators, and Intrusion Prevention Systems (IPS), which can actively block threats.The challenge of balancing false positives vs. false negatives in threat detection.Detection Methodologies:Signature-based detection: Matches traffic against known attack patterns with regularly updated signatures.Anomaly detection: Builds models of normal traffic to detect deviations, including protocol and statistical anomalies.Perimeter and Access Control:...
2026-01-1818 min
CyberCode AcademyCourse 18 - Evading IDS Firewalls and Honeypots | Episode 4: Advanced Application Security: WAFs, API Gateways, and Honeypot TrapsIn this lesson, you’ll learn about:Web Application Firewalls (WAFs):Protecting the application layer by inspecting HTTP/HTTPS and WebSocket traffic.Breaking SSL encryption to detect threats using malware signatures and logic-based anomaly detection.Deployment options: hardware, software, or cloud services; open-source examples like ModSecurity.API Gateways and Microservices Security:Acting as proxies between subscribers and backend services to prevent attacks such as cross-site scripting (XSS).Managing API keys, documentation, and subscriber catalogs.Practical configuration: using management consoles to create users an...
2026-01-1710 min
CyberCode AcademyCourse 18 - Evading IDS Firewalls and Honeypots | Episode 3: Network Emulation and Security Defense: Deploying Cisco ASA and Kali LinuxIn this lesson, you’ll learn about:GNS3 Platform Foundation and Image Integration:Installing GNS3 Windows All-in-One and preparing the environment for professional network emulation.Importing manufacturer-specific device images (e.g., Cisco 3745 router, ASA firewall) to run actual device code instead of generic simulators.Building a Routed Network:Configuring IP addresses and routing paths on Cisco routers.Calculating idle time to optimize host CPU usage during emulation.Establishing a functional network backbone before adding security layers.Deploying the Cisco ASA Firewall:...
2026-01-1610 min
CyberCode AcademyCourse 18 - Evading IDS Firewalls and Honeypots | Episode 2: Configuring a Cisco PIX Firewall to Establish a Secure EnclaveIn this lesson, you’ll learn about:Initializing and Configuring a Cisco PIX Firewall:Physical and software setup: connecting to the RS232 console port via USB-to-serial adapter and using Putty.Navigating the Cisco IOS CLI: moving from basic prompts to privilege mode and the configuration environment (config t).Administrative tasks:Checking existing configurations with show configure.Creating local user accounts and setting privilege levels.Naming and managing interfaces, identifying Ethernet 0 as "outside" (WAN) and Ethernet 1 as "inside" (internal network).Network Architecture and Co...
2026-01-1512 min
CyberCode AcademyCourse 18 - Evading IDS Firewalls and Honeypots | Episode 1: Firewall Management and Security Testing: From Windows and Linux ConfigurationsIn this lesson, you’ll learn about:Firewall Fundamentals and Windows Configuration:What a firewall is and how it mediates between network zones using rules based on source/destination addresses and ports.Windows Firewall network profiles: Domain, Private, and Public.Key practices:Application Control: Allow specific programs, block vulnerable protocols like SMB/RPC on public networks.Advanced Rules: Configure IPSec for authenticated/encrypted transmissions; set granular inbound/outbound rules.Logging and Analysis: Use tools to convert large text logs into graphical summaries to detect an...
2026-01-1413 min
CyberCode AcademyCourse 17 - Computer Network Security Protocols And Techniques | Episode 9: Foundations of VPN Security: The IPsec Protocol SuiteIn this lesson, you’ll learn about:The fundamentals of VPNs and IPsecKey management and Security Associations (SA)IPsec protocols: AH vs. ESPOperational modes: Transport vs. Tunnel1. VPNs and IPsec FundamentalsA VPN (Virtual Private Network) creates a secure, logical tunnel over the public internet, allowing private communication without costly dedicated lines.IPsec (Internet Protocol Security) operates at the network layer and supports both IPv4 and IPv6.Security services provided by IPsec include:Access Control – Only authorized user...
2026-01-1312 min
CyberCode AcademyCourse 17 - Computer Network Security Protocols And Techniques | Episode 8: TLS/SSL Foundations: From Conceptual "Toy" Models to ActualIn this lesson, you’ll learn about:The purpose and security objectives of TLS/SSLHow a simplified "Toy TLS" model illustrates key conceptsHow actual TLS works, including handshake, key derivation, and record protocolsThe role of cipher suites and secure data transfer1. Core Security Services of TLS/SSL TLS (Transport Layer Security) is designed to protect communications over insecure networks. Its four main security services are:Authentication – Verify the identities of client and server using digital certificates.Encryption – Protect data from being...
2026-01-1213 min
CyberCode AcademyCourse 17 - Computer Network Security Protocols And Techniques | Episode 7: Understanding Pretty Good Privacy (PGP) for Secure EmailIn this lesson, you’ll learn about:What PGP is and where it operates in the network stackHow PGP secures email confidentiality and authenticityThe three-part structure of a PGP-secured messageHow session keys, public keys, and digital signatures work togetherThe cryptographic algorithms supported by PGPIntroduction Pretty Good Privacy (PGP) is an application-layer security protocol designed to protect email communications. It combines symmetric encryption, public key cryptography, and digital signatures to ensure that messages remain confidential, authentic, and tamper-proof during transmission. How PGP Se...
2026-01-1111 min
CyberCode AcademyCourse 14 - Wi-Fi Pentesting | Episode 6: WPA/WPA2 Cracking Introduction: Exploiting the WPS VulnerabilityIn this lesson, you’ll learn about:The fundamental difference between WEP and WPA/WPA2 securityWhy WPA and WPA2 are significantly harder to crack than WEPThe role of TKIP and CCMP in protecting data integrityWhat WPS (Wi-Fi Protected Setup) is and why it introduces riskHow the WPS PIN design weakens WPA/WPA2 securityWhy push-button authentication (PBC) blocks WPS PIN attacksWhy testing for WPS vulnerabilities is the first step in WPA/WPA2 assessmentsTransition from WEP to WP...
2025-12-1910 min
CyberCode AcademyCourse 14 - Wi-Fi Pentesting | Episode 1: Setting Up the Virtual Hacking Lab: VirtualBox and Kali LinuxIn this lesson, you’ll learn about:How to set up a complete virtual hacking labThe role of VirtualBox in safe security testingInstalling and configuring Kali Linux as a virtual machineUnderstanding NAT networking in virtual environmentsNavigating the Kali Linux desktop and workspace systemBuilding a Virtual Hacking Lab with VirtualBox & Kali Linux Installing VirtualBox VirtualBox is a virtualization platform that allows you to run multiple operating systems on a single physical machine (host), including Windows, macOS, and Linux. Key benefits:...
2025-12-1409 min
CyberCode AcademyCourse 11 - Mobile Forensics Fundamentals | Episode 1: Legal Authority, Acquisition Procedures, and Examiner ResponsibilitiesIn this lesson, you’ll learn about: • The purpose and scope of mobile forensicsIntroduction to the course structure, online training logistics, and preparation for the Certified Mobile Forensic (CMF) exam.Overview of provided resources such as forensic report templates, chain-of-custody forms, and research platforms like Packetstorm and Exploit-DB.• Unique technical challenges in mobile device acquisitionWhy mobile forensics is inherently less forensically sound due to unavoidable data alteration when powering on or connecting devices.The constant arms race with advanced device encryption and OS security patches that can rapidl...
2025-11-2912 min
CyberCode AcademyCourse 10 - Network Security Fundamentals | Episode 3: Firewalls and Intrusion Detection/Prevention Systems (IDS/IPS)In this lesson, you’ll learn about:Firewall fundamentals and their evolution across generationsThe role of firewalls in network perimeter defenseIntrusion Detection and Prevention Systems (IDS/IPS) and how they operateDeployment models and detection methods for IDS/IPSBest practices for modern perimeter securityI. Network Perimeter Defense Overview Perimeter defense protects the boundary between an organization’s private network and the public internet. Although external attackers are the main focus, insider threats must also be considered. Firewalls and IDS/IPS systems form crit...
2025-11-2411 min
CyberCode AcademyCourse 10 - Network Security Fundamentals | Episode 2: Securing Wireless and Mobile Networks: Standards, Threats, and Best PracticesIn this lesson, you’ll learn about:Wireless networking standards and operating modesWi-Fi security best practices and hardening techniquesCellular/mobile device threats and defensive controlsCommon wireless attacks and mitigation strategiesI. Wireless Network Standards and Basics Wi-Fi (802.11 Standard) Overview Wi-Fi is based on the IEEE 802.11 family of standards and uses radio waves to transmit data. The most common frequencies are 2.4 GHz and 5 GHz, regulated by authorities such as the FCC. Evolution of Key 802.11 Amendments802.11a: 5 GHz802.11b: 2.4 GHz802.11g...
2025-11-2313 min