Difference between pages "Training Courses and Providers" and "Apple iPhone"

From ForensicsWiki
(Difference between pages)
Jump to: navigation, search
(COMMERCIAL TRAINING)
 
(Tools)
 
Line 1: Line 1:
This is the list of Training Providers, who offer training courses of interest to practitioners and researchers in the field of Digital Forensics.   Conferences which may include training are located on the [[Upcoming_events]] page.
+
The '''iPhone''' is a smartphone made by [[Apple Inc.]] and sold with service through AT&T. It can be used to send/receive [[email]] (see [[IPhone Mail Header Format]]), keep schedules, surf the web, and view videos from YouTube. A large number of forensic products can process iPhones, such as [[Oxygen Forensic Suite 2010]].
  
<b>PLEASE READ BEFORE YOU EDIT THE LIST BELOW</b><br>
+
In December 2009, Nicolas Seriot presented ([http://seriot.ch/resources/talks_papers/iPhonePrivacy.pdf PDF]) a harvesting application, [http://github.com/nst/spyphone SpyPhone]This application grabs data as sensitive as location data and a cache of keyboard wordsIt neither requires jailbreaking nor makes Private API calls (which Apple's App Store does not allow in any application it distributes).
Some training providers offer on-going training courses that are available in an on-line "any time" format. Others have regularly scheduled training that is the same time each month. Others have recurring training but are scheduled at various times throughout the year. Providers training courses should be listed in alphabetical order, and should be listed in the appropriate sectionNon-Commercial training is typically offered by governmental agencies or organizations that directly support law enforcementTool Vendor training is training offered directly by a specific tool vendor, which may apply broadly, but generally is oriented to the vendor's specific tool (or tool suite).  Commercial Training is training offered by commercial companies which may or may not be oriented to a specific tool/tool suite, but is offered by a company other than a tool vendor.
+
  
<i>Some training opportunities may be <u>limited</u> to <b>Law Enforcement Only</b> or to a specific audience.  Such restrictions should be noted when known.</i>
+
== Tools ==
== On-going / Continuous Training ==
+
* [Cellebrite UFED http://www.cellebrite.com/forensic-solutions/ios-forensics.html]
{| border="0" cellpadding="2" cellspacing="2" align="top"
+
* [http://code.google.com/p/iphone-dataprotection/ iphone Data Protection] is a set of tools that can image and decrypt an iPhone. The tools can even brute-force the iPhone's 4-digit numerical password.
|- style="background:#bfbfbf; font-weight: bold"
+
* [http://www.iosresearch.org Jonathan Zdziarski] has released tools that will image iPhones, iPads and iPod Touch. (law enforcement only).
! width="40%"|Title
+
* [http://www.libimobiledevice.org/ libimobiledevice] is a library with utilities for backing up iPhones. The output format is an iTunes-style backup that can be examined with traditional tools. They are available in the Debian-testing packages '''libimobiledevice''' and '''libimobiledevice-utils'''.
! width="20%"|Date/Location
+
* [[Nuix Desktop]] and [[Proof Finder]] can detect and analyse many databases from iOS and iPhones and can directly ingest HFSX dd images.
! width="40%"|Website
+
|-
+
|- style="background:pink;align:left"
+
! DISTANCE LEARNING
+
|-
+
|Basic Computer Examiner Course - Computer Forensic Training Online
+
|Distance Learning Format
+
|http://www.cftco.com
+
|-
+
|Linux Data Forensics Training
+
|Distance Learning Format
+
|http://www.crazytrain.com/training.html
+
|-
+
|SANS On-Demand Training
+
|Distance Learning Format
+
|http://www.sans.org/ondemand/?portal=69456f95660ade45be29c00b0c14aea1
+
|-
+
|Champlain College - CCE Course
+
|Online / Distance Learning Format
+
|http://extra.champlain.edu/cps/wdc/alliances/cce/landing/
+
|-
+
|Las Positas College
+
|Online Computer Forensics Courses
+
|http://www.laspositascollege.edu
+
|-
+
|- style="background:pink;align:left"
+
!RECURRING TRAINING
+
|-
+
|MaresWare Suite Training
+
|First full week every month<br>Atlanta, GA
+
|http://www.maresware.com/maresware/training/maresware.htm
+
|-
+
|Evidence Recovery for Windows Vista&trade;
+
|First full week every month<br>Brunswick, GA
+
|http://www.internetcrimes.net
+
|-
+
|Evidence Recovery for Windows Server&reg; 2003 R2
+
|Second full week every month<br>Brunswick, GA
+
|http://www.internetcrimes.net
+
|-
+
|Evidence Recovery for the Windows XP&trade; operating system
+
|Third full week every month<br>Brunswick, GA
+
|http://www.internetcrimes.net
+
|-
+
|Computer Forensics Training and CCE&trade; Testing for Litigation Support Professionals
+
|Third weekend of every month(Fri-Mon)<br>Dallas, TX
+
|http://www.md5group.com
+
|-
+
|}
+
==NON-COMMERCIAL TRAINING==
+
{| border="0" cellpadding="2" cellspacing="2" align="top"
+
|- style="background:#bfbfbf; font-weight: bold"
+
! width="40%"|Title
+
! width="40%"|Website
+
! width="20%"|Limitation
+
|-
+
|Defense Cyber Investigations Training Academy (DCITA)
+
|http://www.dc3.mil/dcita/dcitaAbout.php
+
|Limited To Certain Roles within US Government Agencies[http://www.dc3.mil/dcita/dcitaRegistration.php (1)]
+
|-
+
|Federal Law Enforcement Training Center
+
|http://www.fletc.gov/training/programs/technical-operations-division
+
|Limited To Law Enforcement
+
|-
+
|MSU National Forensics Training Center
+
|http://www.security.cse.msstate.edu/ftc
+
|Limited To Law Enforcement
+
|-
+
|IACIS
+
|http://www.iacis.com/training/course_listings
+
|Limited To Law Enforcement and Affiliate Members of IACIS
+
|-
+
|SEARCH
+
|http://www.search.org/programs/hightech/courses/
+
|Limited To Law Enforcement
+
|-
+
|National White Collar Crime Center
+
|http://www.nw3c.org/ocr/courses_desc.cfm
+
|Limited To Law Enforcement
+
|-
+
|}
+
  
==TOOL VENDOR TRAINING==
+
== Publications ==
{| border="0" cellpadding="2" cellspacing="2" align="top"
+
* Gómez-Miralles, Arnedo-Moreno. [http://openaccess.uoc.edu/webapps/o2/bitstream/10609/11862/1/iPadForensics.pdf Versatile iPad forensic acquisition using the Apple Camera Connection Kit.] Computers And Mathematics With Applications, Volume 63, Issue 2, 2012, pp.544-553.
|- style="background:#bfbfbf; font-weight: bold"
+
! width="40%"|Title
+
! width="40%"|Website
+
! width="20%"|Limitation
+
|-
+
|AccessData (Forensic Tool Kit FTK)
+
|http://www.accessdata.com/courses.html
+
|-
+
|ASR Data (SMART)
+
|http://www.asrdata.com/training/
+
|-
+
|ATC-NY (P2P Marshal, Mac Marshal)
+
|http://p2pmarshal.atc-nycorp.com/index.php/training http://macmarshal.atc-nycorp.com/index.php/training
+
|-
+
|BlackBag Technologies (Mac Forensic Tools- BlackLight and SoftBlock)
+
|https://www.blackbagtech.com/training.html
+
|-
+
|Cellebrite (UFED)
+
|http://www.forwarddiscovery.com
+
|-
+
|CPR Tools (Data Recovery)
+
|http://www.cprtools.net/training.php
+
|-
+
|Digital Intelligence (FRED Forensics Platform)
+
|http://www.digitalintelligence.com/forensictraining.php
+
|-
+
|e-fense, Inc. (Helix3 Pro)
+
|http://www.e-fense.com/training/index.php
+
|-
+
|Guidance Software (EnCase)
+
|http://www.guidancesoftware.com/computer-forensics-training-courses.htm
+
|-
+
|Micro Systemation (XRY)
+
|http://www.msab.com/training/
+
|-
+
|Nuix (eDiscovery)
+
|http://www.nuix.com.au/eDiscovery.asp?active_page_id=147
+
|-
+
|Paraben (Paraben Suite)
+
|http://www.paraben-training.com/training.html
+
|-
+
|Software Analysis & Forensic Engineering (CodeSuite)
+
|http://www.safe-corp.biz/training.htm
+
|-
+
|Technology Pathways(ProDiscover)
+
|http://www.techpathways.com/DesktopDefault.aspx?tabindex=6&tabid=9
+
|-
+
|SubRosaSoft (MacForensicsLab)
+
|http://www.macforensicslab.com/ProductsAndServices/index.php?main_page=index&cPath=2
+
|-
+
|WetStone Technologies (Gargoyle, Stego Suite, LiveWire Investigator)
+
|https://www.wetstonetech.com/trainings.html
+
|-
+
|X-Ways Forensics (X-Ways Forensics)
+
|http://www.x-ways.net/training/
+
|-
+
|}
+
  
==COMMERCIAL TRAINING==
+
== External Links ==
{| border="0" cellpadding="2" cellspacing="2" align="top"
+
* [http://www.apple.com/iphone/ Official web site]
|- style="background:#bfbfbf; font-weight: bold"
+
* [http://github.com/nst/spyphone SpyPhone]. Noted on [http://it.slashdot.org/story/09/12/04/0413235/Malware-Could-Grab-Data-From-Stock-iPhones?from=rss&utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Slashdot%2Fslashdot+%28Slashdot%29 Slashdot].
! width="40%"|Title
+
* [https://viaforensics.com/resources/white-papers/iphone-forensics/ iPhone Forensics], by [[Andrew Hoog]], [[Katie Strzempka]], in November 2012. Covers 13x iOS forensic tools and provides detailed information on the results for the iPhone 3G.
! width="40%"|Website
+
! width="20%"|Limitation
+
|-
+
|BerlaCorp iOS and GPS Forensics Training
+
|http://www.berlacorp.com/training.html
+
|-
+
|Computer Forensic Training Center Online (CFTCO)
+
|http://www.cftco.com/
+
|-
+
|CCE Bootcamp
+
|http://www.cce-bootcamp.com/
+
|-
+
|Dera Forensics Group
+
|http://www.deraforensicgroup.com/courses.htm
+
|-
+
|e-fense Training
+
|http://www.e-fense.com/training/index.php
+
|-
+
|Forward Discovery, Inc.
+
|http://www.forwarddiscovery.com
+
|-
+
|H-11 Digital Forensics
+
|http://www.h11-digital-forensics.com/training/viewclasses.php
+
|-
+
|High Tech Crime Institute
+
|http://www.gohtci.com
+
|-
+
|Hoffmann Advanced Forensic Sessions
+
|http://en.hoffmannbv.nl/index.cfm/t/Hoffmann_Advanced_Forensic_Sessions/vid/990B3B29-FD6A-6F79-58B3C841381DB7AF
+
|-
+
|Infosec Institute
+
|http://www.infosecinstitute.com/courses/security_training_courses.html
+
|-
+
|Intense School (a subsidiary of Infosec Institute)
+
|http://www.intenseschool.com/schedules
+
|-
+
|ManTech Computer Security Training
+
|http://www.mantech.com/capabilities/comptraining.asp
+
|-
+
|Mobile Forensics, Inc
+
|http://mobileforensicsinc.com/
+
|-
+
|NetSecurity
+
|http://www.netsecurity.com/training/registration_schedule.html
+
|-
+
|NID Forensics Academy (Certified Digital Forensic Investigator - CDFI Program)
+
|http://www.nidforensics.com.br/
+
|-
+
|NTI (an Armor Forensics Company)
+
|http://www.forensics-intl.com/training.html
+
|-
+
|Security University
+
|http://www.securityuniversity.net/classes.php
+
|-
+
|Steganography Analysis and Research Center (SARC)
+
|http://www.sarc-wv.com/training.aspx
+
|-
+
|Sumuri - Forensics Simplified
+
|http://sumuri.com/
+
|-
+
|SysAdmin, Audit, Network, Security Institute (SANS)
+
|http://computer-forensics.sans.org/course/
+
|-
+
|Teel Technologies Mobile Device Forensics Training
+
|http://www.teeltech.com/tt3/training.asp
+
|-
+
|Zeidman Consulting (MCLE)
+
|http://www.zeidmanconsulting.com/speaking.htm
+
|-
+
|}
+

Revision as of 01:46, 28 February 2013

The iPhone is a smartphone made by Apple Inc. and sold with service through AT&T. It can be used to send/receive email (see IPhone Mail Header Format), keep schedules, surf the web, and view videos from YouTube. A large number of forensic products can process iPhones, such as Oxygen Forensic Suite 2010.

In December 2009, Nicolas Seriot presented (PDF) a harvesting application, SpyPhone. This application grabs data as sensitive as location data and a cache of keyboard words. It neither requires jailbreaking nor makes Private API calls (which Apple's App Store does not allow in any application it distributes).

Tools

  • [Cellebrite UFED http://www.cellebrite.com/forensic-solutions/ios-forensics.html]
  • iphone Data Protection is a set of tools that can image and decrypt an iPhone. The tools can even brute-force the iPhone's 4-digit numerical password.
  • Jonathan Zdziarski has released tools that will image iPhones, iPads and iPod Touch. (law enforcement only).
  • libimobiledevice is a library with utilities for backing up iPhones. The output format is an iTunes-style backup that can be examined with traditional tools. They are available in the Debian-testing packages libimobiledevice and libimobiledevice-utils.
  • Nuix Desktop and Proof Finder can detect and analyse many databases from iOS and iPhones and can directly ingest HFSX dd images.

Publications

External Links