CyberCode Academy

By: CyberCode Academy
About this content

Welcome to CyberCode Academy — your audio classroom for Programming and Cybersecurity.
🎧 Each course is divided into a series of short, focused episodes that take you from beginner to advanced level — one lesson at a time.
From Python and web development to ethical hacking and digital defense, our content transforms complex concepts into simple, engaging audio learning.
Study anywhere, anytime — and level up your skills with CyberCode Academy.
🚀 Learn. Code. Secure.
Copyright CyberCode Academy
Education
Episodes
  • Course 12 - Maltego Advanced Course | Episode 1: Maltego Transforms, Sets, and Essential Menu Actions
    2025/12/02
    In this lesson, you’ll learn about:
    • How transforms work in Maltego
    • Transform sets and how they organize large transform collections
    • Key transform menu actions and shortcuts
    • Essential bottom-row menu actions for efficient workflow
    Summary of the Episode: This episode explains the core mechanics of Maltego transforms, how to run them, how they are organized, and the essential menu actions available when working on a graph.
    1. Understanding Transforms
    • Transforms are functions that take one or more selected entities as input.
    • They only appear if relevant entity types are selected.
    • Transforms can be run in two ways:
      • Through the right-click transform menu on the graph
      • Through the Run View
    2. Transform Sets
    Because some entities (like Domain) have very long lists of transforms, Maltego organizes them into transform sets.
    • Transform sets help users find transforms more easily.
    • Sets and transforms are grouped first by their hub item, which may introduce new transforms (e.g., ThreatMiner included by default).
    • Navigation:
      • Click a group or set to see its contents
      • Use the left bar or right-click → Up to go back a level
    3. Recognizing Items in the Transform List
    • Transforms
      • Dark background (near-black)
      • Single play icon ▶
    • Groups/Sets
      • Light background
      • Small plus icon ➕
    • Run All in a Set
      • Double-play icon ▶▶
      • Use with caution due to potentially large output
    4. Special Transform Sets
    • All
      • Appears on every level
      • Shows all transforms for the selected entity/entities
    • Favorites
      • Only appears if you starred transforms for the current entity type
    • Machines
      • Appears at the topmost level, at the bottom
      • Shortcut to run Maltego Machines
    5. Customizing Your Transform Experience
    • Users can create custom transform sets in the Transform Manager.
    • Hub items can add new transform groups to your environment.
    6. Essential Right-Click Menu Actions (Bottom Row)
    These are shortcuts to functions available elsewhere in Maltego:
    Basic Actions
    • Delete / Cut / Copy
      • Copy sends entity as GraphML to clipboard
      • Can be pasted into another graph
    Type Actions
    • Quickly search the entity value in Google or Wikipedia
    • Used rarely
    Send to URL
    • Sends selected entities to a custom HTTP POST endpoint
    Clear / Refresh Images
    • Reloads images from original sources
    • Works only in normal privacy mode, not stealth mode
    Copy to New Graph
    • Creates a brand-new graph containing the selected entities and their links
    • Useful for:
      • Experimentation
      • Isolating parts of a graph
    • You can later copy results back into the original graph
    Change Type
    • Converts entity from one type to another (e.g., DNS name → Website)
    • Crucial when the target transform isn’t available for the current type
    Merge
    • Combines two entities that represent the same real-world object
    • Consolidates their links
    Attach
    • Adds files (evidence, screenshots, etc.) to an entity
    • Attached images can be displayed on the graph instead of the entity icon
    7. Most Important Actions to Remember
    • Copy to New Graph
    • Change Type
    • Merge
    • Attach
    These actions significantly improve workflow efficiency and flexibility when working with complex investigations.

    You can listen and download our episodes for free on more than 10 different platforms:
    https://linktr.ee/cybercode_academy
    12 min
  • Course 11 - Mobile Forensics Fundamentals | Episode 3: iOS and iPhone Forensics: Security, Acquisition Techniques, and Artifact Analysis
    2025/12/01
    In this lesson, you’ll learn about:
    • iOS architecture and security features
    • Common vulnerabilities and exploit history
    • Logical and physical acquisition techniques
    • Key forensic artifacts and analysis methods
    • Legal constraints and investigative limitations
    iOS / iPhone Forensics: Summary and Key Concepts
    1. iOS Security and Architecture
    iOS is its own complete operating system and is generally considered more secure than Android due to its standardized hardware/software ecosystem. Any vulnerability or exploit tends to apply consistently across devices, but Apple rapidly patches these issues.
    iOS architecture is layered, similar to the OSI model:
    • Core OS – Unix-based kernel, security framework, low-level networking.
    • Core Services – TCP/IP communication, iCloud services, file sharing.
    • Media Layer – Audio, graphics, video processing.
    • Cocoa Touch – Application interface layer.
    The file system historically used HFS+, storing data in a B-tree format.
    Key iOS Security Features
    • Secure Boot Chain
      • Verifies every boot stage using Apple’s root certificate. Prevents downgrades and protects against boot-level attacks.
    • Secure Enclave / “Clave”
      • A dedicated co-processor using encrypted memory to handle cryptographic keys, making memory dumps extremely difficult.
    • AES-256 Encryption
      • Industry-grade (DoD-level) encryption applied at the hardware level to protect user partitions.
    • ASLR (Address Space Layout Randomization)
      • Mitigates buffer overflow attacks by randomizing memory locations.
    • Sandboxing / Jailing
      • Restricts app access to only their assigned directory, protecting system resources.
    2. Vulnerabilities and Exploit History
    While secure, iOS has had notable vulnerabilities:
    • Masquerading Attack
      • A malicious app with the same internal project name as a legitimate one could overwrite it without signature validation (older versions).
    • IP Box Exploit
      • Allowed brute-forcing on older iOS versions by bypassing lockout delays.
    • GrayKey Unlocking Device
      • A proprietary law-enforcement tool used to bypass locks; Apple later patched the underlying vulnerabilities.
    • San Bernardino Case
      • FBI paid roughly $1M for a one-time exploit to bypass auto-wipe on a locked iPhone.
    Apple consistently patches publicly disclosed vulnerabilities, reducing the lifespan of exploits.
    3. Acquisition Techniques and Challenges
    1. Logical Acquisition
    • Often performed through iTunes backups.
    • Requires the device to be unlocked.
    • Extracts app data, device configuration, file structure, communications, and certain system logs.
    • Tools include:
      • Paraben Device Seizure
      • XRY
      • Cellebrite (UFED)
      • iTunes Backup Analyzer 2 (IPBA2)
    2. Physical Acquisition
    Attempts to extract raw data, including deleted and unallocated space. However:
    • Modern iOS with full AES-256 encryption makes physical acquisition impossible without the passcode.
    • Often requires a temporary jailbreak or custom exploit.
    • Tools such as Pangu or custom RAM disks may be used on older versions.
    Recovery/Boot Modes Used in Forensics
    • Recovery Mode – Useful for interacting with the firmware and restoring images.
    • DFU Mode – Lower-level access used to load custom tools or initiate exploit chains.
    4. Key Forensic Artifacts and Evidence Sources
    Plist (Property List) Files
    • Store structured data such as:
      • IMEI, IMSI, ICCID
      • Device GUID
      • Backup details
      • Encryption flags
    • Plists are among the most valuable forensic artifacts.
    Timestamps
    • iOS uses Unix Epoch time (seconds since Jan 1, 1970).
    • Investigators examine:
      • MAC times (Modified, Accessed, Created)
      • Irregularities (e.g., zeroed milliseconds) that may indicate tampering.
    Location Data
    • Historically stored indefinitely; now encrypted and retained for ~8 days.
    • Still useful for reconstructing user movement.
    Communications
    • Contacts
    • SMS/iMessage databases
    • Call history (including missed/attempted calls)
    • Voicemails
    • Note: Listening to an unheard original voicemail may violate wiretap laws.
    Browser Artifacts (Safari)
    • Bookmarks
    • Cache
    • Search history
    • “Suspend state list”—recently closed tabs and windows
    Ephemeral Data
    • Clipboard contents
    • Dynamic keyboard cache
      • Often contains usernames, passwords, or search terms.
    Image and Media Data (DCIM)
    • Photos/videos include EXIF metadata (sometimes GPS).
    • Deleted images may remain accessible as thumbnails embedded in databases.
    Network Artifacts
    • Wi-Fi Plist files contain auto-join network information, including BSSIDs.
    • Can establish proximity between suspects/devices.
    5. Legal and Procedural Requirements
    Investigators must remain strictly within legal authorization scopes:
    • Accessing iCloud or any cloud-stored user data requires separate warrants.
    • Overstepping authority can end a forensic career immediately.
    • Under the Plain View Doctrine, unrelated evidence may be reported as long as the investigator stays within the allowed scope of the warrant.

    You can listen and download our episodes for free on more than 10 different platforms:
    https://linktr.ee/cybercode_academy
    17 min
  • Course 11 - Mobile Forensics Fundamentals | Episode 2: Data Acquisition, Diverse Operating Systems, and Forensic Challenges
    2025/11/30
    In this lesson, you’ll learn about:
    • Core forensic methodology and mobile-specific preservation challenges
    • Mobile forensics follows the standard digital forensic phases—collection, examination, analysis, and reporting—but must adapt to mobile-specific risks.
    • Devices must be isolated immediately to prevent remote wiping or network interference using Faraday cages, Stronghold bags, or shielded rooms.
    • Some devices (e.g., BlackBerry) support remote kill commands, making rapid on-scene triage essential before the device locks.
    • Investigators must document the exact state of the device on seizure (powered on/off, locked/unlocked) and any actions taken (e.g., enabling Airplane Mode).
    • Methods of mobile data acquisition and their limitations
    Acquisition techniques follow a “pyramid of reliability,” balancing forensic soundness with practical access:
    1. Manual Extraction
    • Used when automated tools fail or when handling unsupported “feature phones” or burner devices.
    • Often involves photographing each screen manually using tools like Project Phone.
    • Least reliable but sometimes the only option.
    2. Logical Acquisition
    • The most common method for smartphones, performed with forensic tools such as Cellebrite, XRY, and Paraben.
    • Retrieves allocated data, app data, logs, contacts, SMS, and backups.
    • iPhone logical extraction usually requires iTunes to force the device to generate a backup.
    • Android logical extraction may use ADB, especially on rooted devices.
    3. Physical Acquisition (Invasive & Non-Invasive)
    • Targets both allocated and unallocated data, including deleted content.
    • Methods include JTAG, ISP, and Chip-Off forensics.
    • Increasingly limited by full-disk encryption—data may be physically extracted but cryptographically useless without keys.
    4. Volatile Memory Extraction
    • RAM acquisition is highly difficult due to hardware protections, sandboxing, and security mechanisms.
    • Any volatile data disappears once the device powers down.
    • Operating system architectures and forensic implications
    Android
    • Linux-based and secured with SELinux for mandatory access control.
    • SELinux sandboxing has known bypasses through covert channels.
    • Highly fragmented ecosystem creates inconsistent forensic tool performance.
    iOS / iPhone
    • Unix-based, secured by Apple’s robust Secure Boot Chain.
    • Uses APFS (Apple File System) with strong encryption.
    • Extremely resistant to physical extraction on modern versions.
    Windows Phone
    • Historically optimized for usability over security.
    • Weak sandboxing may allow cross-privilege interaction and artifact leakage.
    • Mobile network fundamentals and legal constraints in forensic work
    Network Technologies & Identifiers
    • GSM: International, open-standard.
    • CDMA: North American, proprietary.
    • Key identifiers:
      • IMEI – device hardware identity
      • IMSI – subscriber identity stored in SIM
    Legal Restrictions
    • Mobile devices fall under Fourth Amendment protections.
    • Accessing cloud data using cached credentials without a warrant violates the Computer Abuse Act (18 USC §1030).
    • Carrier metadata (CDRs, tower location, HLR/VLR info) requires a subpoena or discovery order.
    • Operating signal-jamming equipment without government authorization is illegal under FCC regulations.


    You can listen and download our episodes for free on more than 10 different platforms:
    https://linktr.ee/cybercode_academy
    12 min