Overview

This Open Source Intelligence (OSINT) boot camp will provide delegates with skills to become efficient and effective at finding those key pieces of intelligence on the Internet and Dark Web. There are a number of key technologies that have allowed the Dark Web to flourish, from cryptocurrency to software that allows anonymity such as Tor. Cybercrime is at the fore-front of criminal innovation. This boot camp is a practical course, allowing delegates the time to explore and understand some of the tools and techniques used by cyber intelligence analysts and cybercrime investigators and law enforcement specialists.

Should this extensive bootcamp syllabus not quiet hit the mark for you, consider our on-demand tailored private events option. Our broad OSINT capability allows organisations to tailor private events, module by module, lab by lab, to meet the specific needs, challenges and skill levels required.

Prerequisites

There are no prerequisites for this course, however, participants are expected to have a basic understanding of computers and the internet.

About the course author

Mark Martin

Overview

I was a senior investigating officer working in law enforcement with over 31 years’ experience of working in the various government agencies including National Crime Agency. I have handled numerous cases involving drug trafficking, money laundering, endangered species, fraud, tackling child abuse online, extortion, hacking, and various other computer crimes. I am advanced mobile and digital Forensics practitioner.  I have utilised my open source intelligence skills to locate and identify individuals and criminal organisations online.  A founding member of the elite team called the National Hi-Tech Crime Unit, set up in 2001 to tackle with online threats.  Mark worked in partnership with Europol and Interpol Mark was instrumental in dismantling a highly sophisticated international online paedophile organisation. I have also delivered training in Europol on child abuse online Open source intelligence.

Specialist Areas/Professional Qualifications

Open Source Intelligence, Digital Forensics (mobile and digital forensics), Legal (Law enforcement) & Cyber Security Fundamentals.

Industry Experience

I have been a senior investigating officer working in law enforcement with over 15 years’ experience of working in the National Crime Agency, National crime Squad, HM Customs and Excise, UK Border Agency, Home Office and HM Revenue and Customs. I have handled numerous cases involving drug trafficking, money laundering, endangered species, fraud, tackling child abuse online, extortion, hacking, and various other computer crimes. I am Mobile and Digital Forensics practitioner for covert and overt use.

LinkedIn Profile

https://www.linkedin.com/in/mark-martin-795b95133/

Course Outline

  • Module 1 – Basics of the Internet and Devices
  • Module 2 – Strategy and Following Each Lead
  • Module 3 – Digital Footprints
  • Module 4 – Legislation, Preserving & Recording Captures
  • Module 5 – Search Engines
  • Module 6 – Deep Web
  • Module 7 – Background of the Dark Web
  • Module 8 – Tor Privacy and Security
  • Module 9 – Tor Hidden Services
  • Module 10 – Tor Virtual Environments & Applications
  • Module 11 – Other Dark Webs
  • Module 12 – People and Companies
  • Module 13 – Investigating Email
  • Module 14 – Image and Video Searching
  • Module 15 – Social Media
  • Module 16 – Facebook and Messenger
  • Module 17 – Twitter
  • Module 18 – Other Social Media
  • Module 19 – Cryptocurrencies
  • Module 20 – Advanced Open Source Tools

Should this extensive bootcamp syllabus not quiet hit the mark for you, consider our on-demand tailored private events option. Our broad OSINT capability allows organisations to tailor private events, module by module, lab by lab, to meet the specific needs, challenges and skill levels required.

OSINT Bootcamp Exercises

  • Exercise 1 – Look up your MAC address
  • Exercise 2 – Address Resolution Protocol
  • Exercise 3 – Lookup your IP addresses
  • Exercise 4 – Autonomous Systems Numbers
  • Exercise 5 – DNS Lookup
  • Exercise 6 – WHOIS Lookups
  • Exercise 7 – Trace route
  • Exercise 8 – Internet Infrastructure using Robtex for target reconnaissance
  • Exercise 9 – Investigate counterfeiting websites
  • Exercise 10 – Investigate counterfeiting websites further analysis
  • Exercise 11 – Beware check the domain
  • Exercise 12 – View the source code
  • Exercise 13 – Beware of Malicious JavaScript on websites
  • Exercise 14 – Tracking Cookies
  • Exercise 15 – Find analytical codes within the source code
  • Exercise 16 – Robots.txt
  • Exercise 17 – Large scale NAT on mobile
  • Exercise 18 – Which VPN do I choose?
  • Exercise 19 – What are the consequences for doing Open source Intelligence research?
  • Exercise 20 – Creating a “sock puppet”
  • Exercise 21 – Select your target and persona
  • Exercise 22 – What is a digital footprint?
  • Exercise 23 – Your digital footprint?
  • Exercise 24 – Check out your browser
  • Exercise 25 – Personal search exercise
  • Exercise 26 – Check out these tools to find OSINT information
  • Exercise 27 – Test browser leakage
  • Exercise 28 – User Agent Switcher
  • Exercise 29 – Referrer header
  • Exercise 30 – Autofill phishing
  • Exercise 31 – Password strength noise
  • Exercise 32 – Zotero hack
  • Exercise 33 – HTTrack website copier
  • Exercise 34 – Copy webpage
  • Exercise 35 – AOL Data Breach
  • Exercise 36 – Really using a search engine
  • Exercise 37 – Check out the following search engines
  • Exercise 38 – Google advanced search hacking and CSE
  • Exercise 39 – More search engines
  • Exercise 40 – The Web – really!
  • Exercise 41 – Meta and Federated search engines
  • Exercise 42 – Open Source Intelligence websites
  • Exercise 43 – Pastebins – mind how you go
  • Exercise 44 – Hacker and carding forums and chatrooms
  • Exercise 45 – Public records worldwide
  • Exercise 46 – Document and document Metadata with Deep Web search tools
  • Exercise 47 – Archive.org - advanced searching
  • Exercise 48 – Archive.is searching
  • Exercise 49 – Data Breaches – Archives trawling
  • Exercise 50 – Tor
  • Exercise 51 – Tor relay challenge
  • Exercise 52 – Installing Tor safely
  • Exercise 53 – Navigating the Dark Web
  • Exercise 54 – Engaging in chat on Tor
  • Exercise 55 – Tor forums and community links
  • Exercise 56 – Extended Tor forums
  • Exercise 57 – Accessing the I2P dark web
  • Exercise 58 – Accessing Freenet dark web
  • Exercise 59 – Beyond the Freenet dark web
  • Exercise 60 – Accessing Open Bazaar and other dark webs
  • Exercise 61 – Finding people/director
  • Exercise 62 – E-mail header analysis
  • Exercise 63 – E-mail address permutations
  • Exercise 64 – E-mail address validation tools
  • Exercise 65 - Domain Name searching to find email address
  • Exercise 66 - Compromised email search tools
  • Exercise 67 - Automated scraping using Kali Linux
  • Exercise 68 - Image and facial searching
  • Exercise 69 - EXIF data
  • Exercise 70 – Extended image and facial searching
  • Exercise 71 - Image analysis (1)
  • Exercise 72 - Image analysis (2)
  • Exercise 73 - Image analysis (3)
  • Exercise 74 - Geolocation challenge
  • Exercise 75 - Facebook practical
  • Exercise 76 - Facebook friend extraction
  • Exercise 77 - Twitter
  • Exercise 78 - Twitter searching
  • Exercise 79 - Social Media searching
  • Exercise 80 - Social Media searching
  • Exercise 81 - Social Media searching
  • Exercise 82 - Social Media searching
  • Exercise 83 - Social Media searching
  • Exercise 84 - Flickr and Pinterest
  • Exercise 84a -Searching a forum, blog, vlog, internet board
  • Exercise 85 – Reddit trawling
  • Exercise 86 - Bitcoin research
  • Exercise 87 - Assassination transaction
  • Exercise 88 - Tracking DPR’s Bitcoin transaction
  • Exercise 89 - How were Tor users deanonymized via their Bitcoin transactions?
  • Exercise 90 – Advanced OSINT
  • Exercise 91 - FOCA (Fingerprinting Organizations with Collected Archives)
  • Exercise 92 - Atomic email hunter
  • Exercise 93 - Using Maltego to perform reconnaissance