Next scheduled date: January 30th, 2026 @ 12:00 PM EST
Description
In this 4-hour workshop we will introduce students to the core concepts of network forensics, including network architecture, packet analysis tools, and basic traffic analysis techniques.
Hands-on labs built around real-world scenarios reinforce the lecture material.
By the end of the session, students will have a solid understanding of network forensic fundamentals, be familiar with the key tools, and have hands-on experience analyzing network traffic.
Student/Lab Requirements:
A system with a web browser and a reliable internet connection
The ability to register via MetaCTF. Attendees will have access to the course VM and labs through the MetaCTF platform for the duration of the workshop.
Syllabus
Module 1: Introduction to Network Forensics
Lecture Topics:
Course overview and objectives
Network architecture: key components, design considerations, and security implications
Types of network artifacts (e.g., logs, packet captures) and methods of acquisition
Module 2: Tools of the Trade
Lecture Topics:
Introduction to packet capture and filtering using tcpdump and ngrep
Overview of Wireshark and TShark for packet analysis
Key filtering techniques for isolating relevant traffic
Introduction to Zeek log analysis
Module 3: Hands-On Lab – Traffic Analysis, Filtering, and Data Extraction
Lab Activity:
Students will use Wireshark and tcpdump to capture and analyze sample network traffic
Practice applying filters to identify suspicious activity
Extract relevant data for further analysis and/or data stacking
Analyze Zeek logs
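The data-stacking step of the lab, as an added example that is not part of the BHIS course material: a short Python script that parses a constructed, abridged Zeek conn.log (a subset of Zeek's default conn.log fields, in Zeek's order, with "-" marking unset values) and stacks it three ways: frequency counts on a chosen field, the long tail of rarely contacted destination host/port pairs, long-lived sessions, and connection groups whose inter-arrival times are regular enough to be beaconing. The sample lines, the thresholds (4 connections, coefficient of variation 0.2, 3600 seconds), and the function names are assumptions chosen for illustration, not values from the workshop.

```python
"""Stack a Zeek conn.log to surface outliers.

Added example, not part of the BHIS workshop. The log below is constructed and
abridged (a subset of Zeek's default conn.log fields, in Zeek's column order);
thresholds and function names are assumptions for illustration.
"""
from collections import Counter, defaultdict
from statistics import mean, pstdev

# Constructed sample conn.log (TSV). Header lines start with '#', exactly as Zeek
# writes them; '-' is Zeek's unset-field marker. Addresses are documentation ranges.
SAMPLE_CONN_LOG = "\n".join([
    "#separator \\x09",
    "#path\tconn",
    "#fields\tts\tuid\tid.orig_h\tid.orig_p\tid.resp_h\tid.resp_p\tproto\tservice"
    "\tduration\torig_bytes\tresp_bytes\tconn_state",
    "1700000000.000000\tC1\t10.0.0.5\t51000\t93.184.216.34\t443\ttcp\tssl\t0.812\t900\t4100\tSF",
    "1700000010.000000\tC2\t10.0.0.8\t49200\t10.0.0.53\t53\tudp\tdns\t0.004\t60\t120\tSF",
    "1700000030.000000\tC3\t10.0.0.5\t51001\t198.51.100.7\t8443\ttcp\t-\t0.210\t120\t80\tSF",
    "1700000040.000000\tC4\t10.0.0.8\t49201\t10.0.0.53\t53\tudp\tdns\t0.003\t58\t140\tSF",
    "1700000090.000000\tC5\t10.0.0.5\t51002\t198.51.100.7\t8443\ttcp\t-\t0.198\t120\t80\tSF",
    "1700000100.000000\tC6\t10.0.0.8\t49300\t93.184.216.34\t443\ttcp\tssl\t1.500\t1200\t9000\tSF",
    "1700000150.000000\tC7\t10.0.0.5\t51003\t198.51.100.7\t8443\ttcp\t-\t0.205\t120\t80\tSF",
    "1700000200.000000\tC8\t10.0.0.12\t40000\t203.0.113.9\t4444\ttcp\t-\t-\t0\t0\tS0",
    "1700000210.000000\tC9\t10.0.0.5\t51004\t198.51.100.7\t8443\ttcp\t-\t0.201\t120\t80\tSF",
    "1700000250.000000\tC10\t10.0.0.8\t49301\t93.184.216.34\t443\ttcp\tssl\t0.900\t800\t3000\tSF",
    "1700000270.000000\tC11\t10.0.0.5\t51005\t198.51.100.7\t8443\ttcp\t-\t0.199\t120\t80\tSF",
    "1700000300.000000\tC12\t10.0.0.12\t40001\t203.0.113.9\t22\ttcp\tssh\t7200.000\t50000\t400000\tSF",
])


def parse_conn_log(text):
    """Parse Zeek TSV conn.log text into a list of dicts; '-' (unset) becomes None."""
    fields = None
    records = []
    for line in text.splitlines():
        if not line:
            continue
        if line.startswith("#fields"):
            fields = line.split("\t")[1:]   # column names follow the '#fields' tag
            continue
        if line.startswith("#"):           # other header lines (#separator, #path, ...)
            continue
        if fields is None:
            raise ValueError("data line before #fields header")
        values = [None if v == "-" else v for v in line.split("\t")]
        records.append(dict(zip(fields, values)))
    return records


def stack(records, field):
    """Frequency count of one field: the basic stacking move (look at both ends)."""
    return Counter(r[field] for r in records)


def rare_pairs(records, max_count=1):
    """Destination (host, port) pairs seen at most max_count times: the long tail."""
    counts = Counter((r["id.resp_h"], r["id.resp_p"]) for r in records)
    return sorted(pair for pair, n in counts.items() if n <= max_count)


def long_connections(records, min_seconds=3600.0):
    """UIDs of sessions at least min_seconds long; unset durations (e.g. S0) are skipped."""
    return [r["uid"] for r in records
            if r["duration"] is not None and float(r["duration"]) >= min_seconds]


def beacon_candidates(records, min_conns=4, max_cv=0.2):
    """Flag (orig_h, resp_h, resp_p) groups whose connection gaps are nearly constant.

    cv = stdev(gaps) / mean(gaps); a low cv means a regular interval (beacon-like).
    """
    stamps_by_tuple = defaultdict(list)
    for r in records:
        key = (r["id.orig_h"], r["id.resp_h"], r["id.resp_p"])
        stamps_by_tuple[key].append(float(r["ts"]))
    found = []
    for key, stamps in stamps_by_tuple.items():
        if len(stamps) < min_conns:
            continue
        stamps.sort()
        gaps = [b - a for a, b in zip(stamps, stamps[1:])]
        avg = mean(gaps)
        if avg <= 0:
            continue
        cv = pstdev(gaps) / avg
        if cv <= max_cv:
            found.append({"key": key, "connections": len(stamps),
                          "mean_gap_s": round(avg, 1), "cv": round(cv, 3)})
    return found


if __name__ == "__main__":
    recs = parse_conn_log(SAMPLE_CONN_LOG)
    print("by resp port:", stack(recs, "id.resp_p").most_common())
    print("by conn_state:", stack(recs, "conn_state").most_common())
    print("rare destinations:", rare_pairs(recs))
    print("long connections:", long_connections(recs))
    print("beacon candidates:", beacon_candidates(recs))
```

On a real capture you would feed `zeek -r capture.pcap` output (or `zeek-cut` selected columns) to the same parser; the point of stacking is that the rare end of each count (one-off destination ports, the single S0 to an odd port, the one multi-hour SSH session) and the suspiciously regular end (a fixed 60-second interval to a single host) are where an analyst looks first.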
Module 4: Protocols and Threats
Lecture Topics:
Overview of common network protocols (HTTP, DNS, TCP/IP, etc.)
Introduction to encrypted traffic and its challenges in analysis
Examples of attacker techniques and how they exploit network protocols
This workshop is intended for those getting started in monitoring and incident response, digital forensics, or threat hunting. It also includes tips and techniques for those already familiar with network traffic analysis who want to extend their capabilities.
Troy Wojewoda is a Security Analyst at Black Hills Information Security (BHIS). Prior to joining BHIS, Troy held roles in application and system administration, host and network intrusion detection, wireless security, penetration testing, digital forensics, malware analysis, threat hunting, and incident response. In addition to earning several professional certifications, Troy holds a BS in Computer Engineering and Computer Science.
Workshop: Foundations of Network Forensics and Analysis