A comprehensive 3 Day Workshop designed to give delegates the skills and knowledge required to perform an Internet Investigation or Intelligence Operation
The ability to identify and retrieve relevant and timely information, intelligence or evidence from the Internet and Open Sources has become a routine necessity for Investigators. However, the structure and size of the Internet presents many challenges for Researchers, Analysts and Investigators. A lack of understanding about the nature and workings of the Internet can mean intelligence or evidence opportunities being lost, or investigations compromised. This workshop examines those challenges and builds a framework skill set to enhance Investigations and Intelligence Operations.
This course includes:
• Internet Investigation Basics – Defining Topics; Forming Strategies; Search Engines; Directories; Virtual Libraries; Meta/Federated Search; Preferences/Settings; Boolean Operators; Results; Advanced Search.
• Internet Footprints & Compromise Issues – Webmaster Logs; Search Engine; Parallel Surfing; Adverts & Images; Sharing Information; Affiliations; Social Networks.
• Alternate Personalities – Real World; Virtual World; Building a Back Story; Identity Management.
• Investigation Preparation – Browser/Workstation Preparation; Add-Ons; Useful Software; Evidencing Tools & Digital Signatures.
• Internet Work Station Environment – Role; Equipment; Risk Analysis; Workstation Access; Workstation Procedures.
• Covert / Anonymous Activity – Browser Privacy; Anonymous Browsing; The Dark Web; Anonymous Surfing.
• Search Tools & Strategies – Search Engines, News, Companies/Businesses; Land/Property; Blogs; Custom Searching; Archives; Images; Phone Numbers; E-Mail addresses; Maps.
• Legal Considerations – Deployment; HRA; RIPA; Surveillance; Interaction with People; Agent Provocateur; Interaction with Computers.
• Social Networking – Social Networks, Communication Methods; Mobile Devices, Keeping informed.
• Network Information – Domains; IP Addresses; DNS; Whois; Traceroute.
• Minimising Compromise – Connectivity; Equipment; Software; Geolocation; Behavioural Targeting; Browser Settings; Add-Ons.
• Evidencing – Saving Data; Moving Data; Notes; Production; Statement, etc.
This course also covers the following (not necessarily as an individual subject);
• Deep / Invisible Web – Finding it, Search Engine restrictions, Spiders, Web Master options.
• International Information – Country Profiles, Governments, News, NGO’s, etc.
• Communication – E-Mail/Webmail, Newsgroups, Discussion Forums, IRC.
• People Finders – Business, Credit Reference, Regulatory Authorities, Search Tools, etc.
• Monitoring the Internet – Passive, Active, Advanced concepts.
• Data Assimilation – Hunters, Extractors, Visualisation
ROBERT STEELE: Mike Bazzell, author of Open Source Intelligence Techniques: Resources for Searching and Analyzing Online Information, see the graphics below that I especially like, is the post-discovery OSINT specialist. Colin, who was Steve Edwards’ replacement at SO-11 and along with Steve instrumental in Sir David Veness receiving a knighthood for putting bad guys in jail better, faster, and cheaper (while also increasing by 110X the post-conviction global discovery of assets that could be confiscated), is the best person I know for Internet Investigation Tradecraft. Call Dial Records (CDR) analysis is not mentioned above but easily included by Colin. Graphics below from Mike Bazzell.