Open Source Intelligence Boot Camp

This Open Source Intelligence (OSINT) & Dark Web boot camp will provide delegates with skills to become efficient and effective at finding those key pieces of intelligence on the Internet and Dark Web. There are a number of key technologies that have allowed The Dark Web to flourish, from cryptocurrency to software that allows anonymity such as Tor. Cyber-crime is at the fore-front of criminal innovation. This boot camp is a practical course, allowing delegates the time to explore and understand some of the tools and techniques used by cyber defender and cyber-crime investigators.

Please note this boot camp course is an amalgam of the following two Introduction & Advanced OSINT courses (QAOSCII, QAOSCIA). Please do not book to attend this boot camp delivery if you have attended either of these standalone courses.

Prerequisites

There are no prerequisites for this course, however, participants are expected to have a basic understanding of computers and the internet.

Delegates will learn how to

Day 1 - 3

• Use advanced search engine techniques and features
• Identify websites for finding information on people and companies
• Analyse website source code for investigative purposes
• Use deep web sites and directories
• Understand internet infrastructure and its use intelligence gathering and investigation
• Explain the digital footprint is left when online and the dangers associated
• Use social media for investigation, intelligence and geolocation
• Describe the best open source software to use for investigations
• Access influential internet communities
• You will also have an introduction to the Dark Web, criminal innovation and cybercrime

Day 4 & 5

• Advanced search engine techniques and Google hacking
• How to describe the ways mobile devices can cause and opportunity and risk
• Tracking users with GPRS and SSID
• Advanced software required for safe internet investigations
• How to use open source encrypted anonymity services
• Familiarity with use of Tor and accessing Tor Hidden Services (THS) and other Dark Webs
• How Virtual currencies work, particularly Bitcoin
• Advanced knowledge needed when capturing digital evidence for court

Course Outline

Where applicable our QA OSINT instructors have a law enforcement, internet investigations and digital forensics practitioner experience aligned to the best practice standards, including ISO17025.

Day 1 – 3 Open Source Cyber Intelligence Introduction (QAOSCII)

Day 1

• Introduction
• Module 1 - History of the Internet and the World Wide Web
• Module 2 - How devices communicate
• Module 3 - Internet Infrastructure
• Module 4 - Search Engines

Day 2

• Module 5 - Companies and people
• Module 6 - Analysing the code
• Module 7 - The Deep Web
• Module 8 - Social Media

Day 3

• Module 9 - Protecting your digital footprint
• Module 10 - Internet Communities and Culture
• Module 11 - Cyber Threat
• Module 12 - Tools for investigators
• Module 13 - Legislation

Day 4 & 5 Open Source Cyber Intelligence Introduction (QAOSCIA)

Day 4

• Module 1 - Instant Messaging - IRC
• Acronyms
• IRC Networks and Channels

Module 2 - Secure Communications

• Cryptography
• Hashing
• PGP and GnuPG

Module 3 - Cyber Threat Intelligence

• CVE
• SCAP
• TAXII, STIX and CybOX

Module 4 - Digital Evidence Capture

• Video and screenshots
• Module 5 - Intelligence Evaluation
• 5x5x5 Intelligence document

Day 5

Module 6 - Background of the Dark Web

• History of Criminal Forums
• History of infamous Dark Web sites

Module 7 - Tor and Tor Hidden Servicers

• How Tor works
• How THS work
• Attacks against the Tor network
• Analysis of THS

Module 8 - Bitcoin and Cryptocurrencies

• How Bitcoin works
• Blockchain
• Proof-of-work
• Altcoins

Module 9 - Other Dark Webs

• I2p, Freenet and GNUnet