FIVE   |   EIGHT   |   90%   |   40

           SCENARIOS                   LABS                       HANDS-ON           DURATION

Linux Forensics is the art of extracting evidence and important artifacts from a digital crime scene that can help the investigator in reconstructing the chain of events. During this course, students will learn about computer hardware and the Linux-OS filesystem. The students will learn to collect and analyze forensic evidence and write official reports.

LAB 01

OS Structure

LAB 02

Hashes and Encoding

LAB 03

Linux Artifacts

LAB 04

Data Structure

LAB 05

Data Carving

LAB 06

Data Acquisition

LAB 07

Linux Memory

LAB 08


Scenario: LF001

Bapco, a Baharian oil company, was attacked by a malware that caused a data wipe. The attack was made by a group of hackers that was sponsored by the Iran government. Some of the data from the Linux servers got deleted.


Scenario: LF002

Toll, an Australian transportation company, was attacked by Ransomware twice this year. The hackers gained access to one of the Linux servers, stole data, and deployed the Ransomware. As a part of the InfoSec team, you have been assigned to extract valuable data from the attacked servers.


Scenario: LF003

Outsourcing group Interserve has suffered a cyberattack that exposed the details of 100,000 people. Hackers broke into a Linux machine and started leaking information outside. Your mission is to investigate the server log files to gain control over the system and stop the leakage.


Scenario: LF004

Nintendo report that the information and credentials of at least 160,000 Switch users have been hacked. The attack caused significant financial damage to the company. You have been assigned to write a full report about the incident for the insurance company.


Scenario: LF005

Giant Cognizant’s IT Services was infected with a “Maze” Ransomware. The security breach involves a Linux server that got hacked, causing service disruption for some of the clients. Your job is to collect evidence to file a complaint against the attackers.

Annotation 2020-05-21 204200.jpg
  • White LinkedIn Icon
  • White Facebook Icon

Ze'ev Jabotinsky St 7,
Ramat Gan, IL.

© 2020 by ThinkCyber