Christopher Kiefer
Minneapolis, Minnesota, United States
548 followers
500+ connections
About
With a deep-rooted commitment to cybersecurity, my recent role at Symantec empowered our…
Education
SANS Technology Institute
1) Malware Analysis Basics
2) Reversing Malicious Code
Understanding x86 assembly
Windows API used for registry, keylogging, HTTP, droppers
x64 code analysis
3) Malicious Web and Document Files
Interacting with malicious websites
De-obfuscating malicious JavaScript
Examining malicious Microsoft Office documents, including files with macros
Analyzing malicious RTF document files
4) In-Depth Malware Analysis
Unpacking code
Debuggers for dumping packed malware from memory
Analyzing file-less malware
Code injection and API hooking
5) Examining Self-Defending Malware
How malware detects debuggers and protects embedded data
Unpacking malicious software that employs process hollowing
Handling code misdirection techniques, including SEH and TLS Callbacks
6) Malware Analysis Tournament
Behavioral malware analysis
Dynamic malware analysis (using a debugger)
Static malware analysis (using a disassembler)
JavaScript de-obfuscation
PDF document analysis
Office document analysis
Memory analysis
1. Common Network Protocols.
2. Encryption and Encoding.
3. NetFlow Analysis and Attack Visualization.
4. Network Analysis Tool and Usage.
5. Network Architecture.
6. Network Protocol Reverse Engineering.
7. Open Source Network Security Proxies.
8. Security Event and Incident Logging.
9. Wireless Network Analysis.
I. Identification of Malicious System and User Activity
II. Incident Response in an Enterprise Environment
III. Incident Response Process and Framework
IV. Timeline Artifact Analysis
VI. Timeline Collection
VII. Timeline Processing
VIII. Volatile Artifact Analysis
IX. Volatile Data Collection
X. Windows Filesystem Structure and Analysis
The candidate will demonstrate an understanding of core Windows filesystems, and the ability to identify, recover, and analyze evidence from any file system layer, including the data storage layer, metadata layer, and filename layer.
XII. Windows System Artifact Analysis
The candidate will demonstrate an understanding of Windows system artifacts and how to collect and analyze data such as system back up and restore data and evidence of application execution.
Activities and Societies: packet ninja.
APPLICATION PROTOCOLS
app layer dissection & analysis including HTTP, SMTP, and Microsoft protocols
CONCEPTS OF TCP/IP AND THE LINK LAYER
TCP/IP comm. model and link layer operations
DNS
legitimate vs. malicious
FRAGMENTATION
concepts behind fragmentation-based attacks
IDS FUNDAMENTALS AND INITIAL DEPLOYMENT
architecture, benefits/weaknesses, and config options
IDS RULES
Create effective IDS rules
IP HEADERS
dissect IP packet headers and analyze: normal vs. anomaly
IPV6
analyze IPv6; issues involving IP6 over IPv4
NTWK ARCHITECTURE AND EVENT CORRELATION
IDS/IPS management issues, network architecture wrt intrusion detection, and event correlation
NTWK TRAFFIC ANALYSIS AND FORENSICS
analyze real traffic and associated artifacts: malicious vs. normal; discern malicious from FP
PACKET ENGINEERING
packet engineering & manipulation: packet crafting, OS fingerprinting, and IDS Evasion/Insertion
TCP
TCP expected responses to given stimuli
TCPDUMP FILTERS
craft tcpdump filters
AJAX
AJAX technology and its known weaknesses
Automated Web Application Vulnerability Scanners
automated tools used to find web application vulnerabilities and their distinguishing features.
Cross Site Scripting and Attack Frameworks
XSS attacks and XSS attack frameworks
Programming Fundamentals
Javascript with Ajax, and Python
Reconnaissance
techniques used for reconnaissance
Scanning and Mapping
mapping and scanning web applications and servers: port scanning, identifying services and configurations, spidering, application flow charting and session analysis.
Session Tracking and SSL
session tracking and SSL/TLS use in web comms.; attacks that can leverage flaws in session state
SQL Injection
perform SQL injection attacks; identify SQL injection vulnerabilities in applications
Understanding the Web and HTTP
web applications & architecture; thorough comprehension of HTTP
Web App Pen Test Methodology and Reporting
BROWSER FORENSICS
DIGITAL FORENSICS FUNDAMENTALS
forensic methodology, key forensics concepts, and identifying types of evidence on current Windows OS.
EVIDENCE ACQUISITION, PREPARATION AND PRESERVATION
evidence chain-of-custody and integrity, E-discovery concepts, evidence acquisition and preservation, and the tools and techniques.
FILE AND PROGRAM ACTIVITY ANALYSIS
how Windows registry, file metadata, memory, and filesystem artifacts can be used to trace user activities on suspect systems
LOG ANALYSIS
various types of Windows event, service and application logs, and the types of information they can provide.
SYSTEM AND DEVICE PROFILING AND ANALYSIS
Windows registry structure, and how to profile Windows systems and removable devices.
USER COMMUNICATIONS ANALYSIS
forensic examination of user communication applications and methods, including host-based and mobile email applications, Instant Messaging, and other software and Internet-based user communication applications.
The study of problem solving on computers. Utilize the power of computers in the problem solving process while dealing with the constraints of computers.
computer architecture, programming languages, computer networking, database systems, information management, and numerical analysis.
theoretical foundations of computer science and practical applications. Algorithms, data structures, software design, the concepts of programming languages, computer organization, and computer architecture.
applications programming, system analysis, and software engineering
Licenses & Certifications
Courses
- A+
- Advanced Open Source Intelligence Collection
- CCNA
- Computer Forensics Examiner (FOR408)
- GCIA (SEC503)
- Network+
- Reverse-Engineering Malware: Malware Analysis Tools and Techniques (FOR610)
- Security+
- Web Application Penetration Testing and Ethical Hacking (SEC542)