About this course

Course type Premium
Course code QACYIC
Duration 1 Day

In a pupose built state of the art cyber lab, delegates will have hands-on application and exposure to cyber investigations and simulated challenges utilising a wide range of OSINT tools and techniques.

Following the completion of the Open Source Intelligence (OSINT) & Dark Web boot camp (QAOSCIDWBC) delegates will have the opportunity to put the skills they have learnt to the test in a cyber investigator ‘capture the flag’ (CTF) event. This will involve four challenge rounds.

Rounds 1-3 will be cyber investigator knowledge check, through a series of practical tasks and questions.

Round 4 is the final exercise based on a real life scenario. This will be time critical, requiring team working and problem solving.

The final scenario will evolve based on the actions of the delegates and what information they have obtained. Delegates will need to interpret the data quickly and decide what is relevant or not. They will be required to keep a running log of what they are doing, that can analysed and teaching points or suggestions provided and this will help to reinforce their learning.


This course is suitable for cyber investigators from law enforcement, government, public and private industry.

All of these scenarios will help to refine their skills and techniques to become efficient and effective at finding key pieces of intelligence on the Internet and Dark Web. The Dark Web is at the forefront of criminal innovation and understanding how it works is the first step in being able to combat the illegal activities that go on there. This practical cyber investigator CTF event will allow delegates to put the skills they have learnt into practical test into a real life environment.

We recommend that delegates have a working knowledge of true OSINT tools and techiques, have attended the QA Open Source Intelligence (OSINT) & Dark Web courses.


Delegates will learn how to

Delegates will learn how to use OSINT investigation tools and techniques, including;

  • Applying advanced search engine techniques
  • Using websites to find information on people and companies
  • Analysing website source code for investigative purposes
  • Using deep web sites and directories
  • Using social media for investigation and intelligence purposes
  • Practical use of geolocation
  • Accessing influential internet communities
  • Advanced software required for safe internet investigations
  • Using anonymity and encryption applications
  • Using bulletin boards and chatrooms
  • Using the Tor Protocol and Network


Where applicable our QA OSINT instructors have a law enforcement, internet investigations and digital forensics practitioner experience aligned to the best practice standards, including ISO17025.

Round 1

Round 1 - Practical tasks and questions on the use of search engines to find information, locating people and company information. Using social media to obtain information and intelligence. Participants will be encouraged to install and use software such as Maltego, Tails, Portable Apps & Pendrive Linux. (1 hour)

Round 2

Round 2 - Practical tasks and questions on the use of internet communities, forums, bulletin boards and chatrooms. Use of advanced searching, source code analysis and HTML. Mobile devices threats and opportunities. Using Virtual Machines, Sandboxing, and other software tools such as Tails, Kali Linux and Wireshark. Finding and using intelligence exposed by hackers and criminals online. Encryption. (1 hour)

Round 3

Round 3 - Practical tasks and questions on Geolocation, Tor, Tor apps, Dark Web and Tor Hidden Services, Bitcoin and Virtual Currencies. (1 hour)

Round 4

Round 4 Final Exercise – Opportunity to put all the information learnt into an exercise based on real life scenario. The scenario will evolve depending on the actions of the users. There will also be an opportunity to have debrief and discuss their progress, learning points, any legal or practical issues arisen. (90 minutes)
The final exercise is based on a bogus company, which is developing a new form of malware. It offers people free virus protection and other free software, some of which contain “Trojans” other “malware” etc.

Premium Course

1 Day


This course is authored by QA

Delivery Method

Delivery method


Face-to-face learning in the comfort of our quality nationwide centres, with free refreshments and Wi-Fi.

Find dates and prices

Online booking is currently not available for this course, to find out more please call us on 01753 898320 or email us at info@qa.com to discuss how we can help.

Trusted, awarded and accredited

Fully accredited to ensure we provide the highest possible standards in learning

All third party trademark rights acknowledged.