CyberCode Academy

CyberCode Academy
  • 0,0 (0)
  • CURSOS
  • DIARI

Welcome to CyberCode Academy — your audio classroom for Programming and Cybersecurity. 🎧 Each course is divided into a series of short, focused episodes that take you from beginner to advanced level — one lesson at a time. From Python and web development to ethical hacking and digital defense, our content transforms complex concepts into simple, engaging audio learning. Study anywhere, anytime — and level up your skills with CyberCode Academy. 🚀 Learn. Code. Secure.

  1. Course 22 - WiFi Hacking with Raspberry Pi | Episode 1: Raspberry Pi Desktop And Hacking Machine

    FA 23 H

    Course 22 - WiFi Hacking with Raspberry Pi | Episode 1: Raspberry Pi Desktop And Hacking Machine

    In this lesson, you’ll learn about: What a Raspberry Pi is and why it’s described as a low-cost, credit-card-sized single-board computerHow installing an operating system on a micro SD card turns the device into a fully functional computerThe types of operating systems supported, including Linux and WindowsCommon use cases such as DIY projects, robotics, and embedded systemsWhy the Raspberry Pi’s portability and low power consumption make it especially valuableHow this course specifically repurposes the Raspberry Pi into an advanced hacking machineThe role of this lecture as a foundational overview preparing students for hands-on, technical applications You can listen and download our episodes for free on more than 10 different platforms: https://linktr.ee/cybercode_academy

    12 min
  2. Course 22 - Digital Forensics: RAM Extraction Fundamentals | Episode 5: Forensic Access and RAM Extraction with Inception

    FA 1 DIA

    Course 22 - Digital Forensics: RAM Extraction Fundamentals | Episode 5: Forensic Access and RAM Extraction with Inception

    In this lesson, you’ll learn about:The forensic purpose of Inception for accessing live, locked systems without powering them downWhy volatile memory preservation makes Inception valuable during on-scene triageHow the DMA exploit works via FireWire and Thunderbolt interfacesThe concept of planting a temporary RAM-based authentication bypass that disappears after rebootHow Inception is integrated into the Paladin forensic suiteThe practical setup process, including booting Paladin, escalating privileges with sudo -s, and running inceptThe importance of selecting the correct operating system signature for a successful attackIndicators of successful execution, such as “patch verified”Legal and ethical considerations when using memory-writing exploits in forensic workWhy validation testing and thorough documentation are critical for courtroom defensibilityHow Inception enables subsequent RAM acquisition and live system analysis You can listen and download our episodes for free on more than 10 different platforms: https://linktr.ee/cybercode_academy

    14 min
  3. Course 22 - Digital Forensics: RAM Extraction Fundamentals | Episode 4: RAM Capture via Magnet and FTK Imager

    FA 2 DIES

    Course 22 - Digital Forensics: RAM Extraction Fundamentals | Episode 4: RAM Capture via Magnet and FTK Imager

    In this lesson, you’ll learn about:A technical overview of memory acquisition using Magnet RAM Capture and FTK ImagerHow RAM footprint size affects evidence integrity during live memory collectionThe key features of Magnet RAM Capture, including custom output paths and memory image splittingWhy file segmentation is operationally important when handling large RAM capturesThe role of FTK Imager as a multifunctional triage and imaging toolFTK Imager’s additional capabilities, such as registry collection, hexadecimal viewing, and logical drive previewPerformance benchmarking results, including memory dump speed for large RAM sizesStrategic considerations for tool selection and justification in forensic investigationsA professional workflow approach combining lightweight tools first and heavier tools later based on investigative needs You can listen and download our episodes for free on more than 10 different platforms: https://linktr.ee/cybercode_academy

    11 min
  4. Course 22 - Digital Forensics: RAM Extraction Fundamentals | Episode 3: Comparing Belkasoft and Magnet Tools

    FA 3 DIES

    Course 22 - Digital Forensics: RAM Extraction Fundamentals | Episode 3: Comparing Belkasoft and Magnet Tools

    In this lesson, you’ll learn about: The role of RAM acquisition in digital forensics and why volatile memory is critical evidenceHow benchmarking RAM extraction tools helps investigators make defensible tactical decisionsA technical comparison between Belkasoft RAM Capturer and Magnet RAM CaptureThe trade-offs between system footprint and extraction speed during live memory captureHow both tools operate in kernel mode and why this matters for bypassing OS protectionsDifferences in output formats (.mem vs .dmp) and their forensic implicationsPractical factors for tool selection, including execution method, performance on large RAM sizes, and operational impact on the target system You can listen and download our episodes for free on more than 10 different platforms: https://linktr.ee/cybercode_academy

    11 min
  5. Course 22 - Digital Forensics: RAM Extraction Fundamentals | Episode 2: Benchmarking Tools and Using MoonSols DumpIt

    FA 4 DIES

    Course 22 - Digital Forensics: RAM Extraction Fundamentals | Episode 2: Benchmarking Tools and Using MoonSols DumpIt

    In this lesson, you’ll learn about:Why Benchmarking RAM Extraction Tools MattersHow benchmarking supports defensible tool selection in forensic investigations.Using measurable metrics to justify decisions during reports or court testimony.Understanding that different systems and environments can affect tool behavior.Key Benchmarking CriteriaRAM Footprint: Measuring how much memory the tool consumes while running and how much evidence it overwrites.Extraction Speed: Evaluating how fast a full memory dump can be completed, especially when using high-speed media like USB 3.0 drives.Execution Context: Distinguishing between kernel-mode and user-mode tools, with kernel-mode execution preferred for bypassing OS-level protections such as anti-debugging and anti-dumping mechanisms.MoonSols DumpIt: Technical EvaluationWhy DumpIt is favored for live response and incident handling.Its portable design, allowing execution directly from removable media without installation.An exceptionally small memory footprint (under 1 MB), minimizing evidentiary impact.Proven efficiency, capable of dumping large memory sizes (e.g., ~9 GB) in a matter of minutes.Automatic output as a raw memory image, simplifying downstream analysis and tool compatibility.Live Benchmarking and VerificationObserving DumpIt in real time using Task Manager to confirm actual memory usage.Correlating observed performance with documented benchmarks.Recognizing the significance of the final success confirmation and proper storage of the raw memory image for triage and analysis.By the end of this episode, you’ll be able to benchmark RAM acquisition tools systematically, understand why DumpIt is often chosen as a primary option, and confidently explain your tool selection based on measurable, repeatable criteria rather than preference alone. You can listen and download our episodes for free on more than 10 different platforms: https://linktr.ee/cybercode_academy

    12 min
  6. Course 22 - Digital Forensics: RAM Extraction Fundamentals | Episode 1: Value, Strategy, and Technical Preparation

    FA 5 DIES

    Course 22 - Digital Forensics: RAM Extraction Fundamentals | Episode 1: Value, Strategy, and Technical Preparation

    In this lesson, you’ll learn about:Why RAM Is Critical Forensic EvidenceHow volatile memory captures data that never touches disk and is lost on shutdown.Recovering private browsing sessions, chat data, webmail content, and remnants of failed wiping attempts.Identifying in-memory malware, including rootkits, injected code, and hidden processes that evade disk-based scanners.Extracting encryption keys and credentials (e.g., BitLocker, TrueCrypt, cached passwords) that unlock otherwise inaccessible evidence.The “RAM Debate”: When to Capture vs. When to SkipUnderstanding how missing RAM evidence can be argued as exculpatory in court.Evaluating the forensic footprint: every capture tool overwrites some memory.Making defensible decisions to omit RAM collection when:The suspect has confessed.Disk artifacts already answer the investigative questions.Live triage indicates the system was likely uninvolved.Learning how to justify your decision either way in reports and testimony.RAM Footprint and Evidentiary IntegrityWhat a RAM footprint is and why courts care about it.Minimizing contamination by selecting lightweight, trusted tools.Documenting tool choice, execution order, and system state to maintain credibility.Hardware Preparation for Live Memory CaptureWhy USB 3.0 magnetic hard drives are preferred over flash drives:Faster acquisition times.Higher capacity for large memory dumps.Reduced risk of incomplete captures.Planning storage capacity based on installed system RAM.Tool Redundancy and Operational ReadinessWhy investigators should maintain 2–4 validated RAM tools.Handling failures caused by OS updates, drivers, or endpoint security controls.Understanding that redundancy is a professional requirement, not overkill.Recommended Free RAM Capture ToolsDumpIt – simple, fast, minimal user interaction.Belkasoft Live RAM Capturer – reliable and widely court-tested.Magnet RAM Capture – integrates cleanly with Magnet analysis workflows.FTK Imager – versatile option when already deployed on-scene.By the end of this episode, you’ll understand not just how to extract RAM, but when, why, and how to defend your decision under scrutiny—turning volatile memory into some of the most powerful evidence in a live forensic investigation. You can listen and download our episodes for free on more than 10 different platforms: https://linktr.ee/cybercode_academy

    17 min
  7. Course 21 - Digital Forensics: Windows Shellbags | Episode 5: Shellbags Forensics: Validating Network Drive Activity

    FA 6 DIES

    Course 21 - Digital Forensics: Windows Shellbags | Episode 5: Shellbags Forensics: Validating Network Drive Activity

    In this lesson, you’ll learn about:Validating Network Drive Activity with ShellbagsHow Windows Shellbags act as a silent witness for user interaction with network shares and mapped drives.Why UsrClass.dat is a critical artifact for proving access to remote resources, even when permissions are restricted.Recording Remote Folder AccessHow accessing a mapped network drive (e.g., Z:) generates Shellbag entries.Capturing exact remote folder paths (such as administrative or restricted directories) that a user navigated to.Demonstrating that Shellbags records navigation, not just file creation or modification.Timestamp Behavior in Network ShellbagsUnderstanding how remote MAC times are copied and stored locally:Last Accessed Time: Often reflects the precise moment the user viewed or entered the network folder.Last Written Time: May indicate when the network drive was first connected or when folder view settings were changed.Created Time: Represents the state of the folder metadata at the moment it was first recorded in Shellbags.Recognizing that all timestamps must be interpreted in UTC and converted to local time for reporting.Event Reconstruction and AttributionReconstructing timelines that show who accessed which network location and when.Correlating Shellbag entries with other evidence to confirm intentional user interaction rather than background system activity.Differentiating between mere drive connection and active navigation into specific subfolders.Investigative and Evidentiary ValueUsing Shellbag evidence to prove file awareness and knowledge, not just theoretical access.Supporting cases involving unauthorized access, insider threat activity, or data exfiltration.Reinforcing why Shellbags are especially powerful when files no longer exist or access logs are unavailable.By the end of this episode, you’ll be able to confidently analyze Shellbag artifacts related to network drives, interpret their timestamps accurately, and use them to demonstrate user knowledge and interaction with remote file systems in a forensic investigation. You can listen and download our episodes for free on more than 10 different platforms: https://linktr.ee/cybercode_academy

    12 min
  8. Course 21 - Digital Forensics: Windows Shellbags | Episode 4: Shellbag Forensics: Tracking USB Device History and Artifact Validation

    2 DE FEBR.

    Course 21 - Digital Forensics: Windows Shellbags | Episode 4: Shellbag Forensics: Tracking USB Device History and Artifact Validation

    In this lesson, you’ll learn about:USB Forensics Using Shellbag ArtifactsHow Windows Shellbags can be leveraged to reconstruct user interaction with removable media.Why Shellbags are valuable for determining whether files were copied to or from USB devices, even when the media is no longer connected.Initial Evidence Generation and CollectionCreating controlled forensic artifacts by moving test files onto a FAT16-formatted USB drive.Exporting relevant registry hives (such as USRCLASS.DAT) using FTK Imager.Loading these hives into Shellbag Explorer for structured analysis.Understanding File System Timestamp BehaviorRecognizing FAT16 limitations, where Last Accessed timestamps record only the date, not the time.Interpreting Created timestamps as the moment files or folders were moved onto the USB device.Understanding why Modified timestamps often remain unchanged during copy or move operations.Shellbag Data Merging and Ghost ArtifactsLearning how Windows may merge Shellbag data when a USB device is reformatted, renamed, or reused.Understanding how previously accessed folders can still appear in Shellbag Explorer due to reuse of the same drive letter or volume identifiers.Identifying “ghost” directories and avoiding false assumptions about current device contents.Handling Multiple Removable DevicesObserving how Windows assigns new drive letters (e.g., E:, then F:) when multiple USB devices are connected.Using Last Write Time values to infer when a USB device was inserted or when its folder view preferences were modified.Forensic Validation and ReportingEvaluating whether timestamps and folder structures logically align with expected user behavior.Understanding why investigators must not rely solely on automated tool output.Emphasizing manual validation to prevent misinterpretation caused by merged or residual Shellbag data.By the end of this episode, you’ll be able to analyze Shellbag artifacts related to USB devices, accurately interpret file system timestamps, and validate whether removable media activity supports or contradicts suspected data exfiltration or injection events. You can listen and download our episodes for free on more than 10 different platforms: https://linktr.ee/cybercode_academy

    12 min
Veure-ho tot (143)

Informació

Welcome to CyberCode Academy — your audio classroom for Programming and Cybersecurity. 🎧 Each course is divided into a series of short, focused episodes that take you from beginner to advanced level — one lesson at a time. From Python and web development to ethical hacking and digital defense, our content transforms complex concepts into simple, engaging audio learning. Study anywhere, anytime — and level up your skills with CyberCode Academy. 🚀 Learn. Code. Secure.

Fitxa tècnica

  • Creació
    CyberCode Academy
  • Anys en actiu
    2025 - 2026
  • Episodis
    143
  • Qualificació
    Apte
  • Copyright
    © Copyright CyberCode Academy
  • Lloc web del programa
    CyberCode Academy