Monday, September 17, 2012

Advanced Open Source Intelligence Gathering


 The Internet contains a vast amount of information about people that may be of interest to us.  Police and other Agencies may want to know more about a suspect, a company may want to research the background of a senior candidate or understand the ‘exposure’ of their company or key employees.  Much can be gathered if you know how to exploit online resources.
 
This course focuses on the investigators ability to gather information on people, groups or companies from the Internet in a truly advanced manner.  Rather than just using ‘advanced’ Google searches and other web sites we will be leveraging the tools available to look ‘under the surface’ of the internet, accessing data gleaned by understanding database API’s used by the likes of Twitter, Facebook and others, ‘dark net’ data collection methods and other areas rarely taught.  
The 4 day course is completely hands-on and will teach a range of skills from staying anonymous, bouncing data around the world, setting up false online identities, extracting data using API's, using Patervas awesome Maltego and graphing and visualizing data both historical and in real-time.
We have already begun seeding the Internet with the false identities of subjects that we will be investigating on the course.  The final exam will pit your new skills against the online world as you work to discover all you can about a person, their friends and what they are planning to do!
Other Open Source courses are available, but not like this!
The course will include a 6 month license for Maltego Case File, 6 months VPN access, an encrypted 
hard drive, a large number of software tools and course manual.
The 4 day course is £1800 + VAT 
Nick Furneaux (me!) teaches Law Enforcement agencies all over the world and this is the first time that corporate students have been accepted.
To inquire further please contact me here

Syllabus

Day 1
Understanding the law – what can you do?
Setting up your tool kit
            Encryption of data
            To cache or not to cache
            Benefits of using Virtual Machines
            Adding magic to Firefox
Bouncing anonymously round the world – Proxies and VPN’s
Setting up your own false identities

Day 2
Maltego Case File usage
Aggressive searching – only search the part of the web you need to
            Lots of useful sites to bookmark and try
Searching through maps
            Using social media to ‘see’ an area
What can a web site tell us?
            Who owns it and where are they?
            Blowing a web site apart – mapping a web site in real time
            What did it used to say? - Finding deleted data on the Internet
            Finding hidden links
            Finding documents
            The wonder of Metadata!
Maltego V3!
Google Hacking 101

Understanding email – identification and tracking


Day 3


Finding forums, blogs, websites, IRC entries

            Working with IRC clients

Are you or you organization leaking?

            Using your skills to understand your own vulnerabilities

            Checking if hackers have released your/corporate information

Exploiting Social Networking

Mapping Social Networking accounts and followers

Following the network – don’t forget the family!

Extracting data from Twitter via API

Extracting data from Facebook via API

Facebook ‘naughtyness’

Graphing Twitter data LIVE



Day 4


Geo location possibilities (Where are they, or are they where they say they are?)

EXIF data extraction

Plane and Ship mapping

Enumerating Geo-Coordinates using API

Finding people using public records

Being a bit more aggressive to get IP’s

101 Social Networking – why not just call and ask what you want to know!


Final exam – Full online search and enumeration of a named subject.  Course grade based on details located. (Open book)
Course certificated and graded.

TOTAL COST - £1850 + VAT

1 comment:

Jack said...

Very great way to break down a syllabus. Your article i so detailed i hadn't felt a need to do my research. You write one of the best articles I have read so far!