HEXORDIA MOBILE DATA STRUCTURES - VIRTUAL LIVE TRAINING
This one day virtual live course teaches the fundamentals of common data structures found in mobile forensics including SQLite, LevelDB, PList, and Protobuf formats.
Description
Learn how to dive deep into data structures commonly found on mobile phones. This one day (8 hour) class is intended for Intermediate and Advanced mobile forensics practitioners. We will delve into database formats for both SQLite and LevelDB. In addition we will explore the PList and Protocol Buffer (Protobuf) formats. Course is taught using Open Source and freeware tools to ensure that participants can utilize the skills learned in their lab without additional budgetary requirements. Course is hands-on with labs covering each data format.
Training Delivery Details
Live Online Training: Instructor (8 hour) | Materials | Certificate of Attendance
All sessions starts from 8:30 AM to 5 PM (Eastern Time) or upon a mutual agreement
Syllabus
This training will cover the following courses:
HEX-310 SQLite Analysis
HEX-320 PList Forensics
HEX-340 LevelDB Analysis
HEX-360 Protobuf Analysis
Instructor
Jessica Hyde is an experienced forensic examiner in both the government and commercial sectors. She is the founder of Hexordia, a digital forensics contracting organization and Adjunct Professor teaching Mobile Forensics in the graduate program at George Mason University, where she achieved an MS in Computer Forensics. She is also involved in several community efforts including Associate Editor for the Forensic Science International: Digital Investigations Journal, Chair of DFIR Review, International 2nd VP of the High Tech Crime Investigation Association, and a member of the advisory board for Cyber Sleuths Lab. Her previous roles include Director of Forensics at Magnet Forensics, performing forensic examinations as a Sr. Mobile Exploitation Analyst for Basis Technology, Senior at EY, and Senior Electrical Engineer at American Systems. Jessica is also proud to be a veteran of the United States Marine Corps.
Learning Objectives
After completing this course, you are expected to:
-
Learning the significance of SQLite files
-
Learning how to interact with SQLite files through database browsers
-
Learning SQLite Query basics
-
Understanding of the PList file structure and different PList variants
-
Understanding of the options available for examining PList files
-
Learning when and where you may find LevelDB content
-
Understanding how LevelDB organizes data
-
Utilizing a variety of tools to explore LevelDBs
-
Understanding the organization of Protobuf data
-
Utilizing a variety of tools to explore Protobufs
Prerequisites
This course is designed for students who have the basics of mobile forensics and are looking to learn more about different data structures.
Who is this Course For?
This training is designed for mobile forensic practitioners.
System Requirements:
What you need to for the course
1. Any computer with an internet connection capable of watching live stream video, will be able to view the live lectures in this class.
2. We recommend systems with the latest Intel/AMD CPU, 8 GB of RAM, 64 GB of disk space, and an Internet connection should be sufficient to work through our labs.
3. Some tools are Windows only; however, if you have Windows VM, that will work.
Cancellation Policy:
Info you need to know to get a refund
Full refunds will be provided up to 14 days before the course start date. You are allowed to change the course schedule up to 10 days before the course starts.