Network Forensics Training in London

The Flag of the United States by Sam Howzit (CC BY 2.0)

People sometimes ask me when I will teach my
network forensics class in the United States.
The US is undoubtedly the country with the most advanced and mature DFIR community,
so it would be awesome to be able to give my class there.
However, not being a U.S. person and not working for a U.S. company makes it rather difficult for me to teach in the United States
(remember what happened to Halvar Flake?).

So if you’re from the Americas and would like to take my network forensics class,
then please don’t wait for me to teach my class at a venue close to you – because I probably won’t.
My recommendation is that you instead attend my
upcoming training at 44CON in London this September.

London Red Telephone Booth Long Exposure by (CC0)

The network forensics training in London will cover topics such as:

  • Analyzing a web defacement
  • Investigating traffic from a remote access trojan (njRAT)
  • Analyzing a Man-on-the-Side attack (much like QUANTUM INSERT)
  • Finding a backdoored application
  • Identifying botnet traffic through whitelisting
  • Rinse-Repeat Threat Hunting

The first day of training will focus on analysis using only open source tools.
The second day will primarily cover training on commercial software from Netresec, i.e.
NetworkMiner Professional and
All students enrolling in the class will get a full 6 month license for both these commercial tools.


Hope to see you at the 44CON training in London!

Facebook Share on Facebook  Twitter Tweet  Reddit Submit to

*** This is a Security Bloggers Network syndicated blog from NETRESEC Network Security Blog authored by Erik Hjelmvik. Read the original post at: