The Internet contains a vast amount of
information about people that may be of interest to us. Police and other Agencies may want to
know more about a suspect, a company may want to research the background of a
senior candidate or understand the ‘exposure’ of their company or key
employees. Much can be gathered if
you know how to exploit online resources.
This course focuses on the investigators
ability to gather information on people, groups or companies from the
Internet in a truly advanced manner. Rather than just using
‘advanced’ Google searches and other web sites we will be leveraging the tools
available to look ‘under the surface’ of the internet, accessing data gleaned
by understanding database API’s used by the likes of Twitter, Facebook and
others, ‘dark net’ data collection methods and other areas rarely taught.
The 4 day course is completely hands-on and
will teach a range of skills from staying anonymous, bouncing data around the world, setting up false online
identities, extracting data using API's, using Patervas awesome Maltego and graphing and visualizing data both historical and in
real-time.
We have already begun seeding the Internet
with the false identities of subjects that we will be investigating on the
course. The final exam will pit
your new skills against the online world as you work to discover all you can
about a person, their friends and what they are planning to do!
Other Open Source courses are available,
but not like this!
The course will include a 6 month license
for Maltego Case File, 6 months VPN access, an encrypted
hard drive, a large
number of software tools and course manual.
The 4 day course is £1800 + VAT
Nick Furneaux (me!) teaches Law Enforcement agencies all over the world and this is the first time that corporate students have been accepted.
Syllabus
Day
1
Understanding the law – what can you do?
Setting up your tool kit
Encryption
of data
To
cache or not to cache
Benefits
of using Virtual Machines
Adding
magic to Firefox
Bouncing anonymously round the world –
Proxies and VPN’s
Setting up your own false identities
Day
2
Maltego Case File usage
Aggressive searching – only search the part
of the web you need to
Lots
of useful sites to bookmark and try
Searching through maps
Using
social media to ‘see’ an area
What can a web site tell us?
Who
owns it and where are they?
Blowing
a web site apart – mapping a web site in real time
What
did it used to say? - Finding deleted data on the Internet
Finding
hidden links
Finding
documents
The
wonder of Metadata!
Maltego V3!
Google Hacking 101
Understanding email – identification and
tracking
Day 3
Finding forums, blogs, websites, IRC
entries
Working
with IRC clients
Are you or you organization leaking?
Using
your skills to understand your own vulnerabilities
Checking
if hackers have released your/corporate information
Exploiting Social Networking
Mapping Social
Networking accounts and followers
Following the
network – don’t forget the family!
Extracting data
from Twitter via API
Extracting data from
Facebook via API
Facebook
‘naughtyness’
Graphing Twitter data LIVE
Day 4
Geo location possibilities (Where are
they, or are they where they say they are?)
EXIF data
extraction
Plane and Ship
mapping
Enumerating Geo-Coordinates
using API
Finding people using public records
Being a bit more aggressive to get IP’s
101 Social Networking – why not just call
and ask what you want to know!
Final exam – Full online search and enumeration of a named subject. Course grade based on details located.
(Open book)
Course certificated and graded.
TOTAL
COST - £1850 + VAT
