News, events, media, seminars and more
In this extended class, students are provided with a number of practical exercises to learn first-hand.
Students graduating the course will have gained a comprehensive BlackBerry forensics, and the best practices of processing the devices for evidentiary purposes.
TeelTech BlackBerry Forensics Four-Day Course Outline
1. BlackBerry Hardware
Basic Memory Structure
2. BlackBerry Operating System and Security
Overview of OS
BlackBerry file types: alx, cod, jad, and ipd
BlackBerry Security Mechanisms
3. BlackBerry Device Behavior
Device Power Off and Battery Pulling
User, Device and Carrier information
Hotkeys and Shortcuts
4. BlackBerry Data (Evidence) Storage Areas
Network Service Provider
BlackBerry Communication Methods
5. BlackBerry Desktop Manager (Windows and Mac)
Installation and make forensically safe
Quick overview of Linux open source equivalent – Barry
Creating backups and encrypted backups with BDM
Other tools that also extract data from BlackBerry
6. Data Parsing and Analysis
Structure of IPD File
BlackBerry Folder Structure and BBthumbs.dat
ABC Amber BlackBerry Converter
Commercial Forensic Tools that parse ipd backup files
Open source tools that parse ipd files
Advanced BlackBerry Forensics Training
7. Non-conventional Methods of Data Extraction
BlackBerry Event logs – extraction and analysis
BlackBerry Diagnostic Report Creation
BlackBerry EScreen (Engineering Screen)
8. Artifacts on Suspect System (computer/laptop)
Log files showing each BlackBerry that connected to PC/laptop
Xml files unique to each BlackBerry that connected showing device info and applications listed on device
Registry hive keys that log each BlackBerry PIN that connected to PC/laptop
What is a BES?
What does the BES log?
Default path location to BES logs
Important BES logs to understand
How to extract data from the BES.
Instructor: Sheran A. Gunasekera
Sheran A. Gunasekera is the Founder and Director of Research & Development for ZenConsult Pte. Ltd. Before founding ZenConsult, Sheran was the Principal Consultant for Scanit Middle East in Dubai and Technical Advisor to the ISP services section of Emirates Telecommunications Corporation (ETISALAT) in the UAE.
Gunasekera has extensive experience in web application security. He has developed tools and methodologies to improve results of security assessments and has trained consultants based on these methodologies. More recently, he focuses on mobile platforms and conducts research into BlackBerry handheld security. He has spoken at the 2009 Hack In The Box conference in Malaysia and the 2010 Troopers Security conference in Germany where he presented results of his research into BlackBerry lawful interception and spyware. His work has been quoted in online publications like Wired News, The Register, PC World, CNET News and Dark Reading.
He maintains a website for application security, reverse engineering and mobile platform security. He has been credited with discovering security vulnerabilities in commercial applications and has also discovered several critical vulnerabilities in core banking and Internet banking applications from companies like Oracle Financial Services (previouslyiFlex), Polaris, ebWorx and SilverLake.
For further information please contact Louise Jackson on 0161 797 8123 email@example.com
London: 0207 438 2045
Manchester: 0161 797 8123