neolea/neolea-training-materials

# Neolea training materials overview  ## Terminology - 100 Introductory - Basis are required to benefit from the other trainings (MISP and information sharing) - 200 Intermediate - DFIR topics (from digital forensic to network forensic analysis) - 300 Advanced - Advanced topics (data mining, cryptography) ## List of training materials available - E.100 [MISP](https://www.misp-project.org/) - Open Source Threat Intelligence Platform Supporting Digital Forensic and Incident Response - E.101 [MISP-LEA](https://www.misp-lea.org/) - MISP-LEA API and Automation - E.102 Digital Forensic Introduction (in 3 parts) - E.200 Post Mortem Analysis Techniques of Fake Invoices Manipulated PDF documents - E.201 Digital Forensics - Introduction: Post-mortem Digital Forensics - E.202 Network forensic - Analysing black-hole monitoring dataset How to better understand DDoS attacks from backscatter traffic, opportunistic network scanning and exploitation - E.203 Digital Forensics - Introduction: File System and Data Recovery - E.204 Digital Forensics - Introduction: Windows Memory and File Forensics - E.205 Reversing - Introduction: ELF Binary Analysis - E.300 Data mining using the [AIL project](https://www.github.com/ail-project) - E.301 Cryptography Workarounds For Law Enforcement | Slides (PDF) | Source Code | | ------------ | ----------- | | [e.001-introduction](https://github.com/neolea/neolea-training-materials/blob/master/output/e.001-introduction.pdf) | [source](https://github.com/neolea/neolea-training-materials/tree/master/e.001-introduction) | | [e.100-information-sharing](https://github.com/neolea/neolea-training-materials/blob/master/output/e.100-information-sharing.pdf) | [source](https://github.com/neolea/neolea-training-materials/tree/master/e.100-information-sharing) | | [e.102-digital-forensic-introduction part 1](https://raw.githubusercontent.com/neolea/neolea-training-materials/refs/heads/master/e.102-digital-forensic-introduction/course_1.pdf) [e.102-digital-forensic-introduction part 2](https://raw.githubusercontent.com/neolea/neolea-training-materials/refs/heads/master/e.102-digital-forensic-introduction/course_2.pdf) [e.102-digital-forensic-introduction part 3](https://raw.githubusercontent.com/neolea/neolea-training-materials/refs/heads/master/e.102-digital-forensic-introduction/course_3.pdf) | [source](https://github.com/neolea/neolea-training-materials/tree/master/e.102-digital-forensic-introduction)| | [e.200-dfir-pdf-analysis](https://github.com/neolea/neolea-training-materials/blob/master/output/e.200-dfir-pdf-analysis.pdf) | [source](https://github.com/neolea/neolea-training-materials/tree/master/e.200-dfir-pdf-analysis) | | [e.201-digital-forensic-primer](https://github.com/neolea/neolea-training-materials/blob/master/output/e.201-digital-forensic-primer.pdf) | [source](https://github.com/neolea/neolea-training-materials/tree/master/e.201-digital-forensic-primer) | | [e.202-network-forensic](https://github.com/neolea/neolea-training-materials/blob/master/output/e.202-network-forensic.pdf) | [source](https://github.com/neolea/neolea-training-materials/tree/master/e.202-network-forensic) | | [e.203-file-system-data-recovery](https://github.com/neolea/neolea-training-materials/blob/master/output/e.203-file-system-data-recovery.pdf) | [source](https://github.com/neolea/neolea-training-materials/tree/master/e.203-file-system-data-recovery) | | [e.204-windows-memory-files](https://github.com/neolea/neolea-training-materials/blob/master/output/e.204-windows-memory-files.pdf) | [source](https://github.com/neolea/neolea-training-materials/tree/master/e.204-windows-memory-files) | | [e.205-dfir-elf-analysis](https://github.com/neolea/neolea-training-materials/blob/master/output/e.205-dfir-elf-analysis.pdf) | [source](https://github.com/neolea/neolea-training-materials/tree/master/e.205-dfir-elf-analysis) | | [e.300-data-mining](https://github.com/neolea/neolea-training-materials/blob/master/output/e.300-data-mining.pdf) | [source](https://github.com/neolea/neolea-training-materials/tree/master/e.300-data-mining) | | [e.301-cryptography](https://github.com/neolea/neolea-training-materials/blob/master/output/e.301-cryptography.pdf) | [source](https://github.com/neolea/neolea-training-materials/tree/master/e.301-cryptography) | # Open Source License All the materials are dual-licensed under GNU Affero General Public License version 3 or later and the Creative Commons Attribution-ShareAlike 4.0 International. You can use either one of the licenses depending of your use case of the training materials. All the source code is available at [https://www.github.com/neolea/neolea-training-materials](https://www.github.com/neolea/neolea-training-materials). If you reuse the training materials, don't forget to include the above for attribution. ## Funding The neolea project training materials is developed by [CIRCL Computer Incident Response Center Luxembourg](https://www.circl.lu/), and co-financed within the [MISP-LEA project](https://www.misp-lea.org/). ### Previous Funding The neolea project training materials was developed by [CIRCL Computer Incident Response Center Luxembourg](https://www.circl.lu/), and co-financed within ENFORCE. [ENFORCE](https://ceis.eu/en/cyber-ceis-coordinator-of-the-enforce-project-co-organizes-a-cybercrime-training-with-the-luxembourgian-circl-and-the-french-national-police/) is an 18-month European project co-funded by the European Commission in the framework of the Internal Security Fund – Police. The project runs from December 2018 to May 2020. The ENFORCE project aims at designing, setting-up, and disseminating a cybercrime training curriculum at the European level. This curriculum will be validated during a training exercise allowing different European public (e.g. law enforcement agencies and CSIRTs) and private actors fighting cybercrime to train together using state-of-the-art training technology. ENFORCE project is coordinated by CEIS and a partnership between [CIRCL](https://www.circl.lu/), French Ministry of Interior and [CEIS](https://ceis.eu/). # Complementary materials - [misp-training-lea - Practical Information Sharing between Law Enforcement and CSIRT communities using MISP](https://github.com/MISP/misp-training-lea) - [General MISP Training Materials](https://github.com/MISP/misp-training) - [AIL Project Training Materials](https://github.com/ail-project/ail-training)