CyberCode Academy

CyberCode Academy
  • 0,0 (0)
  • Cursos
  • Diário

Welcome to CyberCode Academy — your audio classroom for Programming and Cybersecurity. 🎧 Each course is divided into a series of short, focused episodes that take you from beginner to advanced level — one lesson at a time. From Python and web development to ethical hacking and digital defense, our content transforms complex concepts into simple, engaging audio learning. Study anywhere, anytime — and level up your skills with CyberCode Academy. 🚀 Learn. Code. Secure. You can listen and download our episodes for free on more than 10 different platforms: https://linktr.ee/cybercode_academy

  1. Course 36 - Windows Forensics and Tools | Episode 2: Windows Forensic Imaging and Drive Nomenclature

    há 16 h

    Course 36 - Windows Forensics and Tools | Episode 2: Windows Forensic Imaging and Drive Nomenclature

    In this lesson, you’ll learn about: Windows forensic imaging and data structure fundamentals1. What is Forensic Imaging?A bit-by-bit, sector-by-sector copy of a storage deviceCaptures everything, not just visible files🔹 What it IncludesActive files and foldersDeleted filesUnallocated spaceSlack space👉 Key Difference:Not a backup → it is an exact forensic replica2. Why Forensic Imaging MattersPreserves original evidencePrevents modification of:File timestampsMetadata👉 Legal Importance:Required for court-admissible investigations3. Physical vs Logical Drives (Windows Naming)🔹 Physical DrivesIdentified as:Disk 0Disk 1Represent actual hardware🔹 Logical DrivesRepresent partitions using letters:C:D:E:👉 Analogy:Physical disk → entire cabinetLogical drives → drawers inside the cabinet🔹 Historical NoteA: and B: reserved for floppy disks4. File System Hierarchy🔹 Structure LevelsVolume (highest level)PartitionDirectory (folder)File🔹 File DefinitionA logical grouping of related data👉 Key Insight:Understanding hierarchy helps in locating and analyzing evidence5. Processes and Threads (Execution Basics)Process → running programThread → smallest execution unit within a process👉 Why it matters:Helps track:Program executionMalicious activity6. Data Integrity & Verification🔹 Hashing ConceptGenerate a unique fingerprint for data🔹 Algorithm ExampleMD5 hash🔹 Key PropertiesSame file → same hashRename file → hash unchangedChange 1 bit → completely different hash👉 Use Case:Verify forensic image integrity7. Chain of Trust in ForensicsAcquire image → generate hashAnalyze copy → compare hash again👉 Goal:Ensure no tampering occurredKey TakeawaysForensic imaging captures complete disk data, including hidden contentPhysical and logical drives represent different abstraction layersFile systems follow a structured hierarchyHashing ensures data integrity and authenticityEven a tiny change in data invalidates evidenceBig PictureForensic imaging helps you:👉 Move from raw disk → verified evidence copyMental ModelDisk → Image → Hash → Analyze → Verify You can listen and download our episodes for free on more than 10 different platforms: https://linktr.ee/cybercode_academy

    22 min
  2. Course 36 - Windows Forensics and Tools | Episode 1: Debunking Myths and Mastering Methodology

    há 1 dia

    Course 36 - Windows Forensics and Tools | Episode 1: Debunking Myths and Mastering Methodology

    In this lesson, you’ll learn about: digital forensics in Windows environments1. What is Digital Forensics?Also known as computer forensicsThe application of scientific methods to digital investigations🔹 Core ObjectivesIdentify digital evidencePreserve its integrityAnalyze findingsPresent results for legal use👉 Key Idea:Evidence must be accurate, repeatable, and legally admissible2. Why Focus on Windows?Majority of systems run WindowsWidely used in:Personal computingEnterprise environments🔹 ChallengesUndocumented internal featuresLimited low-level accessComplex system structure👉 Result:Windows forensics requires specialized knowledge and tools3. Investigation Methodology (SANS Framework)Developed by the SANS Institute🔹 The 8-Step ProcessStep 1: Initial AssessmentConfirm incidentDefine scopeIdentify affected systems👉 Goal:Understand what happened and whereStep 2: System DescriptionDocument:Hardware specsOS configurationNetwork role👉 Importance:Provides context for analysisStep 3: Evidence Acquisition🔹 Types of DataVolatile Data:RAMRunning processesNetwork connectionsNon-Volatile Data:Hard drivesLogsFiles🔹 Critical ConceptsChain of custodyData integrity verification (hashing)👉 Rule:Never alter original evidenceStep 4: Timeline AnalysisReconstruct system activity over time👉 Helps answer:When did the attack happen?What actions were performed?Step 5: Media AnalysisExamine:File systemsProgram executionDeleted files👉 Insight:Reveals user and attacker behaviorStep 6: String & Byte SearchSearch for:KeywordsSignaturesBinary patterns👉 Use Case:Detect malware traces or hidden dataStep 7: Data RecoveryRecover data from:Unallocated spaceSlack space👉 Importance:Deleted ≠ goneStep 8: ReportingCreate formal report🔹 Must IncludeVerified findingsMethods usedEvidence references👉 Requirement:Must be clear, objective, and defensible in court4. Windows Artifacts (Key Evidence Sources)🔹 Common ArtifactsRegistryPrefetch filesRestore pointsRecycle Bin👉 What they reveal:Program execution historyUser activitySystem changes5. Cybersecurity Use Case🔹 When Digital Forensics is UsedIncident responseMalware analysisLegal investigations👉 Outcome:Understand:Attack methodsImpactResponsible actionsKey TakeawaysDigital forensics applies scientific investigation to digital systemsWindows analysis is complex but essentialSANS methodology ensures structured and reliable investigationsEvidence handling must preserve integrityArtifacts reveal hidden user and attacker activityBig PictureDigital forensics helps you:👉 Move from incident → evidence → truthMental ModelCollect → Preserve → Analyze → Report You can listen and download our episodes for free on more than 10 different platforms: https://linktr.ee/cybercode_academy

    22 min
  3. Course 35 - Footprinting and Reconnaissance | Episode 8: From Target Reconnaissance to Phishing Execution

    há 2 dias

    Course 35 - Footprinting and Reconnaissance | Episode 8: From Target Reconnaissance to Phishing Execution

    In this lesson, you’ll learn about: social engineering attacks and spear-phishing execution1. What is Social Engineering?A psychological attack techniqueTargets human behavior instead of systemsExploits trust, urgency, and curiosity👉 Goal:Trick the victim into revealing information or executing malicious actions2. Phase 1: Reconnaissance (Information Gathering)🔹 Target ProfilingCollect Personally Identifiable Information (PII):Job roleRelationship statusDaily habitsInterests (e.g., pets, hobbies)🔹 Data SourcesSocial media platforms (e.g., mock “mybook”)👉 Why it matters:Enables highly targeted (spear-phishing) attacksHelps guess:PasswordsSecurity questions3. Phase 2: Attack Setup🔹 Tools UsedSocial Engineering ToolkitKali Linux🔹 Attack MethodSpear-phishing email with malicious attachment🔹 Payload TechniqueFile disguised as:PCFIX.zip.pdf👉 Deception Strategy:Double extension trick to:Bypass user suspicionAppear as a legitimate document4. Phase 3: Delivery & Execution🔹 Email DeliveryConfigure SMTP serverSend high-priority message🔹 Social Engineering TacticsCreate urgency:“Suspicious internet activity detected”👉 Objective:Force the victim to act without thinking5. System Compromise🔹 Victim InteractionDownloads the fileOpens the attachment🔹 ResultExecution of hidden payloadAttacker gains access via:Metasploit Framework🔹 OutcomeRemote command shell accessFull system control6. Cybersecurity Impact🔹 Attack ChainReconnaissanceWeaponizationDeliveryExploitationAccess👉 Key Insight:A simple phishing email can lead to complete system compromise7. Defense & Awareness🔹 Common Weak PointsHuman trustLack of awarenessPoor email inspection🔹 PreventionSecurity awareness trainingEmail filtering & sandboxingAvoid opening suspicious attachmentsVerify sender authenticityKey TakeawaysSocial engineering targets people, not systemsReconnaissance makes attacks more effectiveFile disguise techniques increase success ratePhishing can lead to full system compromiseAwareness is the strongest defenseBig PictureThis attack demonstrates:👉 How information gathering → targeted phishing → system takeoverMental ModelRecon → “Know the victim”Phishing → “Exploit trust”Payload → “Gain access” You can listen and download our episodes for free on more than 10 different platforms: https://linktr.ee/cybercode_academy

    22 min
  4. Course 35 - Footprinting and Reconnaissance | Episode 7: Information Gathering and Domain Reconnaissance Lab

    há 3 dias

    Course 35 - Footprinting and Reconnaissance | Episode 7: Information Gathering and Domain Reconnaissance Lab

    In this lesson, you’ll learn about: reconnaissance using Recon-ng1. What is Recon-ng?A full-featured web reconnaissance frameworkPre-installed on Kali LinuxDesigned to automate OSINT and domain reconnaissance🔹 Core ConceptWorks like a framework (similar to Metasploit)Uses modules to perform different recon tasks👉 Purpose:Build a structured database of target intelligence2. Tool OverviewRecon-ng🔹 Key CapabilitiesDomain intelligence gatheringContact harvestingSubdomain discoveryFile and directory enumeration👉 Advantage:Organizes results into a workspace database3. Workspace & Domain Setup🔹 Initial StepsCreate a workspaceAdd target domain👉 Why it matters:Keeps recon data organized and reusable4. Contact Harvesting🔹 Module: whois_pocsExtracts:NamesEmail addressesLocations👉 Use Case:Build a target profileUseful for:Social engineeringOSINT correlation5. Host Discovery & Stealth🔹 Module: bing_domain_webFinds:HostsIndexed subdomains🔹 Stealth FeatureRecon-ng introduces delays (sleep) between requests👉 Benefit:Mimics human browsingReduces detection riskAvoids IP blocking6. Subdomain Brute-Forcing🔹 Module: brute_hostsUses wordlists to guess subdomains🔹 OutputHidden subdomainsAssociated IP addresses👉 Importance:Expands the attack surfaceReveals hidden infrastructure7. Sensitive File Discovery🔹 Module: interesting_filesSearches for:robots.txtBackup filesConfig files👉 Why it matters:May expose:Hidden directoriesInternal pathsMisconfigurations8. Analyzing Server Responses🔹 HTTP Status Codes404 → Resource not found (client-side issue)300-series → Redirection👉 Insight:Helps understand:Server behaviorApplication structure9. Cybersecurity Use Case🔹 Reconnaissance PhaseEarly stage of:Penetration testingBug bounty hunting🔹 What You AchieveMap:DomainsSubdomainsContactsInfrastructure👉 Outcome:Clear view of the target environmentKey TakeawaysRecon-ng is a modular recon frameworkUses workspaces to organize intelligenceAutomates multiple OSINT tasksIncludes stealth techniques to avoid detectionProvides structured data for further testingBig PictureRecon-ng helps you:👉 Move from raw data → structured intelligence databaseMental ModelRecon-ng → “Collect + organize recon data”Analysis → “Turn data into actionable insights” You can listen and download our episodes for free on more than 10 different platforms: https://linktr.ee/cybercode_academy

    19 min
  5. Course 35 - Footprinting and Reconnaissance | Episode 6: Information Gathering with theHarvester in Kali Linux

    há 4 dias

    Course 35 - Footprinting and Reconnaissance | Episode 6: Information Gathering with theHarvester in Kali Linux

    In this lesson, you’ll learn about: information gathering using theHarvester1. What is theHarvester? A reconnaissance tool used for Open Source Intelligence (OSINT)Built into Kali LinuxDesigned to collect publicly available data about a target🔹 Core Function Gathers:Email addressesSubdomainsIP addressesHostnames👉 Purpose: Build a digital footprint of the target before active testing2. Tool Overview theHarvester🔹 Data Sources Search engines:GoogleBingExternal services:Shodan👉 Value: Combines multiple sources into one unified result set3. Basic Command Usage🔹 Essential Flags -d → Target domain-l → Limit number of results-b → Data source (e.g., google, bing, shodan)-f → Save output to file🔹 Example CommandtheHarvester -d microsoft.com -l 100 -b google -f results 👉 What this does: Searches GoogleCollects up to 100 resultsSaves output locally4. Advanced Querying🔹 Additional Flags -s → Start position of search results👉 Use Case: Continue collecting data beyond initial resultsAvoid duplicate data🔹 Shodan IntegrationtheHarvester -d microsoft.com -b shodan 👉 Benefit: Finds:Exposed devicesServicesTechnical infrastructure5. Analyzing Results🔹 Key Findings Subdomains:news.microsoft.comsupport.microsoft.comIP Addresses:Associated with infrastructure🔹 Why It Matters Reveals:Attack surfaceEntry pointsHidden assets6. Cybersecurity Use Case🔹 Reconnaissance Phase First step in:Penetration testingBug bounty hunting🔹 What You Gain Target structure understandingIdentification of:Weak subdomainsExposed services👉 Impact: Better planning for:ScanningExploitationKey Takeaways theHarvester is a powerful OSINT toolUses multiple public sources for data collectionCommand-line flags control precision and scopeResults reveal critical reconnaissance insightsForms the foundation of ethical hacking workflowsBig PicturetheHarvester helps you:👉 Move from no knowledge → mapped digital footprintMental Model theHarvester → “Collect target data”Analysis → “Understand the attack surface” You can listen and download our episodes for free on more than 10 different platforms: https://linktr.ee/cybercode_academy

    20 min
  6. Course 35 - Footprinting and Reconnaissance | Episode 5: Website Mirroring and Footprinting with HTTrack

    há 5 dias

    Course 35 - Footprinting and Reconnaissance | Episode 5: Website Mirroring and Footprinting with HTTrack

    In this lesson, you’ll learn about: website mirroring using HTTrack for footprinting1. What is Website Mirroring?The process of creating a local copy of a websiteUsed for:FootprintingReconnaissanceOffline analysis👉 Goal:Analyze the target without interacting with the live system repeatedly2. Tool OverviewHTTrack🔹 What HTTrack DoesDownloads:HTML pagesImagesScripts (JavaScript, CSS)👉 Result:A fully browsable offline version of the website3. Lab Environment Setup🔹 Environment UsedVirtual lab (Cyber Lab)Windows 7 Virtual Machine👉 Why this setup:Safe environmentPre-configured toolsNo risk to real systems4. Installation & Initial Configuration🔹 StepsRun:httrack-3.48.19.exe🔹 Project SetupProject Name:Example: PABCategory:Example: intranetTarget:Website URL👉 This defines:What you are copyingHow the project is organized5. Advanced Configuration🔹 Proxy SettingsConfigure proxy:Port 8080👉 Why:Required in lab environmentsEnsures proper network routing🔹 Mirroring Depth (Critical Setting)Max DepthLimits how deep HTTrack follows linksExternal DepthControls external site crawling👉 Importance:Prevents:Huge downloadsLong execution times6. Analyzing the Mirrored Website🔹 ComparisonLocal copy vs original:Mostly identicalSome UI elements may be missing👉 Reason:Depth limitationsDynamic content not fully captured7. Cybersecurity Use Case🔹 Source Code AnalysisInspect:HTMLJavaScriptCSS🔹 What to Look ForHardcoded IP addressesHidden endpointsAPI callsMisconfigurations👉 Value:Helps identify:Weak pointsEntry pathsTechnology stackKey TakeawaysHTTrack enables offline website analysisMirroring helps reduce interaction with live targetsProper configuration (depth, proxy) is essentialSource code analysis reveals hidden vulnerabilitiesThis is a key step in web application reconnaissanceBig PictureWebsite mirroring helps you:👉 Move from surface browsing → deep analysisNot just seeing the siteBut understanding how it works internallyMental ModelHTTrack → “Copy the website”Analysis → “Understand the website” You can listen and download our episodes for free on more than 10 different platforms: https://linktr.ee/cybercode_academy

    18 min
  7. Course 35 - Footprinting and Reconnaissance | Episode 4: Email and Domain Information Mapping

    há 6 dias

    Course 35 - Footprinting and Reconnaissance | Episode 4: Email and Domain Information Mapping

    In this lesson, you’ll learn about: Maltego for visual footprinting and OSINT analysis1. What is Maltego?MaltegoA tool used for:Information gathering (OSINT)FootprintingVisual link analysis👉 Key idea:Instead of raw data → Maltego gives you a visual map of relationships2. Lab Setup (Kali Linux Environment)🔹 PlatformKali Linux🔹 Setup StepsInstall Maltego Community EditionRegister an accountLaunch and create a new graph👉 The graph is your workspace where:Entities (emails, domains, IPs) are connected visually3. Email Reconnaissance in Maltego🔹 ProcessAdd an email entity to the graphRun transforms (automated queries)🔹 Example Data SourceHave I Been Pwned🔹 What You DiscoverData breaches linked to the emailAssociated accounts or servicesConnections to other entities👉 Value:Helps identify:Compromised credentialsAttack vectors4. Domain-Level Investigation🔹 Example TargetMicrosoft (microsoft.com)🔹 What Maltego Can FindAssociated email addressesSubdomainsInfrastructure components👉 This builds:A complete map of the organization’s digital presence5. Visualization Power🔹 What Makes Maltego UniqueDisplays relationships between:EmailsDomainsIP addressesOrganizations🔹 Unexpected InsightsCan reveal:Physical locationsCitiesAdditional contextual data👉 Result:A clear attack surface map instead of scattered data6. Why Maltego is ImportantAutomates OSINT collectionCorrelates data from multiple sourcesMakes complex relationships easy to understandKey TakeawaysMaltego is a visual OSINT and footprinting toolUses transforms to gather and connect dataEmail analysis can reveal breach exposureDomain analysis maps full infrastructureVisualization helps identify hidden relationshipsBig PictureMaltego helps you:👉 Move from data collection → intelligence visualizationNot just gathering infoBut understanding how everything is connectedMental ModelRaw tools → give dataMaltego → gives insight + connections You can listen and download our episodes for free on more than 10 different platforms: https://linktr.ee/cybercode_academy

    12 min
  8. Course 35 - Footprinting and Reconnaissance | Episode 3: Exploring Shodan and the Google Hacking Database

    24 de mai.

    Course 35 - Footprinting and Reconnaissance | Episode 3: Exploring Shodan and the Google Hacking Database

    In this lesson, you’ll learn about: Shodan and Google Dorking (GHDB) in footprinting1. Shodan (Internet-Wide Device Discovery)🔹 What is Shodan?ShodanA search engine designed to find:Internet-connected devicesExposed services🔹 What You Can DiscoverIP addressesOpen portsOperating systemsDevice types (e.g., routers, cameras, servers)🔹 Example Use CaseSearching for:Cisco routersFiltering by:Geographic location👉 Why it matters:Helps identify:Exposed infrastructurePotential attack surface2. Key Shodan CapabilitiesAdvanced filters:Location-based searchesService-specific queriesReal-world visibility into:Global internet exposure👉 Insight:Many systems are:MisconfiguredPublicly accessible3. Google Dorking (GHDB)🔹 What is GHDB?Google Hacking DatabaseA collection of:Advanced Google search queries (dorks)🔹 PurposeFind:Sensitive filesMisconfigured web pagesHidden data4. Common Google Dorking Techniques🔹 File Type SearchesExample:.xlsx (Excel files)👉 Can reveal:ReportsCredentials (sometimes)Internal data🔹 Targeted QueriesUse operators like:site:filetype:intitle:5. Practical Considerations🔹 Handling LimitationsGoogle may:Trigger CAPTCHA (human verification)Requires:Careful, slow searching🔹 Navigating ResultsReview multiple pagesRefine queries for accuracy6. Legal & Ethical UseAlways:Stay within authorized scopeUse tools for:Security researchDefensive purposes👉 Important:These tools are powerful:Misuse can lead to legal consequencesKey TakeawaysShodan reveals internet-exposed devices and servicesGHDB enables precision searching for sensitive dataBoth tools are critical for OSINT and footprintingAdvanced search techniques improve accuracyEthical usage is mandatoryBig PictureThese tools help you:👉 Move from basic information → deep exposure analysisShodan → “What devices are exposed?”GHDB → “What data is publicly accessible?”Mental ModelShodan → Infrastructure visibilityGoogle Dorking → Data discovery You can listen and download our episodes for free on more than 10 different platforms: https://linktr.ee/cybercode_academy

    17 min
Ver tudo (254)

Sobre

Welcome to CyberCode Academy — your audio classroom for Programming and Cybersecurity. 🎧 Each course is divided into a series of short, focused episodes that take you from beginner to advanced level — one lesson at a time. From Python and web development to ethical hacking and digital defense, our content transforms complex concepts into simple, engaging audio learning. Study anywhere, anytime — and level up your skills with CyberCode Academy. 🚀 Learn. Code. Secure. You can listen and download our episodes for free on more than 10 different platforms: https://linktr.ee/cybercode_academy

Informações

  • Criado por
    CyberCode Academy
  • Anos de atividade
    2025 - 2026
  • Episódios
    254
  • Classificação
    Livre
  • Copyright
    © Copyright CyberCode Academy
  • Site do podcast
    CyberCode Academy

Você também pode gostar de