Join us in-person this July for the first-ever Antisyphon Summer Camp! Register Here

Workshop: Foundations of Network Forensics and Analysis with Troy Wojewoda

Overview

  • Course Length: 4 hours
  • Support from expert instructors
  • Includes a certificate of completion
Pay Forward What You Can
Instructor:
Troy Wojewoda

In this 4-hour workshop we will introduce students to the core concepts of network forensics, including network architecture, packet analysis tools, and basic traffic analysis techniques.

Hands-on labs have been created with real-world scenarios that are used to reinforce the training material.

By the end of the session, students will have a solid understanding of network forensic fundamentals, be familiar with key tools, and gain hands-on experience in analyzing network traffic.

Syllabus:

Module 1: Introduction to Network Forensics

  • Lecture Topics:
    • Course overview and objectives
    • Network architecture: key components, design considerations, and security implications
    • Types of network artifacts (e.g., logs, packet captures) and methods of acquisition

Module 2: Tools of the Trade

  • Lecture Topics:
    • Introduction to packet capture and filtering using tcpdump and ngrep
    • Overview of Wireshark and TShark for packet analysis
    • Key filtering techniques for isolating relevant traffic
    • Introduction to Zeek log analysis

Module 3: Hands-On Lab – Traffic Analysis, Filtering, and Data Extraction

  • Lab Activity:
    • Students will use Wireshark and tcpdump to capture and analyze sample network traffic
    • Practice applying filters to identify suspicious activity
    • Extract relevant data for further analysis and/or data stacking
    • Analyzing Zeek log 

Module 4: Protocols and Threats

  • Lecture Topics:
    • Overview of common network protocols (HTTP, DNS, TCP/IP, etc.)
    • Introduction to encrypted traffic and its challenges in analysis
    • Examples of attacker techniques and how they exploit network protocol 

Virtual (July 25th, 2025)

  • July 25th – 11 AM EST – 4 PM EST

Student/Lab Requirements:

  • A system with a browser and solid internet connection
  • You will need a web browser, to register via MetaCTF, and to pay a small fee for Virtual Machine resource utilization (approx. $5 for a four-hour workshop)

Who Should Attend/Prerequisites:

This workshop is intended for those getting started in the fields of: Monitoring & Incident Response, digital forensics, and/or threat hunting. The workshop will also include tips and techniques for those with a familiarity in network traffic analysis, looking to enhance their capabilities.  

Audience Skill Level:

  • Beginner/Intermediate

Live Training

  • Pay What You Can
  • Collaborative interaction with Instructor and fellow students through the Antisyphon Discord class channel
  • Access to course slides for future reference
  • Tips, tools, and techniques that can be applied immediately upon returning to work
  • Strengthen your skills by solving challenges within the Antisyphon Cyber Range
  • Become part of a community driven to educate and share knowledge

Pay Forward What You Can

Workshop: Foundations of Network Forensics and Analysis with Troy Wojewoda
$ 25.00 $ 150.00
Pay
$ 25.00
Includes certificate of participation, six months access to class recordings and our appreciation.
Jul 25
11am EDT – 4pm EDT
Registration ends: 10 PM ET on Jul 24
$ 25.00
Select option

Pay Forward What You Can

Pay
$ 25.00
Includes certificate of participation, six months access to class recordings and our appreciation.

Pay
$ 50.00
Includes certificate of participation, six months access to class recordings and our appreciation.

Pay
$ 75.00
Includes certificate of participation, six months access to class recordings and our appreciation.

Pay
$ 100.00
Includes certificate of participation, six months access to class recordings and our appreciation.

Complete Package

Pay
$ 150.00
Includes certificate of participation, six months access to class recordings and our appreciation.

Similar Courses

Pay Forward What You Can Active Defense and Cyber Deception with John Strand course badgeActive Defense and Cyber Deception with John Strand course badge
John Strand
Live
OD
Active Defense and Cyber Deception with John Strand

Jun 16th

– Jun 19th

Foundational Application Security Training with Bill McCauley course badgeFoundational Application Security Training with Bill McCauley course badge
Bill McCauley
Live
Foundational Application Security Training with Bill McCauley
Pay Forward What You Can Getting Started in Packet Decoding with Chris Brenton course badgeGetting Started in Packet Decoding with Chris Brenton course badge
Chris Brenton
Live
OD
Getting Started in Packet Decoding with Chris Brenton

Jun 23rd

– Jun 26th

Pay Forward What You Can Getting Started in Security with BHIS and MITRE ATT&CK with John Strand course badgeGetting Started in Security with BHIS and MITRE ATT&CK with John Strand course badge
John Strand
Live
OD
Getting Started in Security with BHIS and MITRE ATT&CK with John Strand

Aug 18th

– Aug 21st

Course Categories:

Pay Forward What You Can, Workshop

Shopping Cart

No products in the cart.