# You are as big as the ocean
## Ecir
even if i don't like the way the course is called it self , but it's have some good point like practicale incident handel , network analysis domain is also good way to know how the attack happend on your network and how to analysis . it's just a course you sharp your skills with it, it's not enough
## Ecdfp
this course talk in deep about some topic like disk analysis , memory analysis , it's not professional as it's called , it's just a normal course talk in deep about some topic related to Digital forensics
## Let's take this shit to it's end
## FOR500: Windows Forensic Analysis
ok slow down don't paink , the course here is talk about building in-depth digital forensics knowledge of Microsoft Windows operating systems , there is good books like Shell Items and Removable Device Profiling , shell bug , web browse forensics and other good topics
{% hint style="info" %}
there will be course from sans talk about linux forensics , when the course is publish by sans i will mention it
{% endhint %}
## FOR508: Advanced Incident Response, Threat Hunting, and Digital Forensics
this is one of my favirout course , it's realy talked in deep details about detection for some of common Persistence Techniques , How and when did the attackers obtain domain administrator credentials , Determine what was stolen: Recover any attacker archives, find encryption passwords, and extract the contents to verify exfiltrated data , powershell Remoting/WMIC hacking , Cobalt Strike Lateral Movement and Credential Use , it's really some of my iconic course
## إن أحسنت فمن الله، وإن أسأت فمن نفسي والشيطان
{% hint style="info" %}
لا تنسوني من صالح دعائكم
{% endhint %}
.jpg?alt=media&token=356b70f0-676d-4231-8130-f12ca3978048)
