Jane’s Advanced Open Source Intelligence Exploitation Workshop 14-16 November

alt text

Tuesday, Nov 14, 2017

    • 9:00 amDay 1: Block One – Advanced Search and Retrieval Techniques
      • Introduction – Case study analysis: applying OSINT to investigations
        A series of threat and exploitation case studies will provide operationally- relevant examples of how a multitude of specialist OSINT methods and techniques can be employed to profile an investigative target from indirectly available information.
      • Internet Search Methodology
        A short but vital lecture summarizing the essentials of online investigatory practices, overcoming the common pitfalls of even seasoned investigators.
      • Google - Advanced parameters and “Google Hacking”
        A deeper examination of the uses and limitations of search engines such as Google, introducing trainees to less well known tools and search methods. Delegates will be shown how to uncover sensitive information on targets and their infrastructure, otherwise obfuscated by the wealth of data returned from a typical search results.


        • Advanced use of search engines, beyond normal keyword searches, to constrain returned data to relevant and sensitive material
        • Understanding of wide range of alternative and specialist search engines
        • Introduction to construction of highly detailed search criteria in order to locate and potentially access target infrastructure
      • Leaked data – the perils and the utility
        Students will be shown the use of a vast offline dataset of previously leaked corporate and personal data and walked through the methodology of an attacker as they use the data to target individuals and organisations for tracking, hacking, data theft and extortion.


        • Assessment of the usability of captured/lost data as part of an attack
        • Considerations of the value of database building for target correlation
      • Mapping tools - “Geo-reconnaissance”
        Exploring a range of web-based tools offering geographical information. Delegates will be introduced to a range of geographically-oriented data sources available online to assist in the tracking of targets.


        • Understanding of wide range of geographical data repositories and potential tactical application
        • Identifying individuals from mapped media
        • Identifying and tracking passenger transport

Wednesday, Nov 15, 2017

    • 9:00 amDay 2: Online Security/Expanding Online Investigative Skills and Toolsets
      • Covert activity and online tradecraft: your digital footprint
        What can the sites that you visit can see about you? More than most investigators realise. This module addresses aspects of maintaining anonymity online, from use of VPN and proxies through to more intricate considerations of a user’s pattern of activity online. The visibility of personal details to webmasters is demonstrated, and delegates are shown the power and security of virtual machines as vital investigator tools.


        • Developing strong tradecraft to espionage or ‘hacker’ standards
        • Multiple techniques in concealing location and unique ‘hardware fingerprinting’ threats which may reveal identities
        • Creating multiple online footprints
        • Understanding of how pattern of life threats undermine technical security
      • Introduction to Linux - broadening the investigator’s toolbox
        An accessible introduction to the Linux command line and the wealth of pre-loaded tools within free Linux distributions for harvesting target data and decompiling websites. Delegates unfamiliar with non-Windows operating systems are carefully walked through a range of tools which offer immediate investigatory value even to novices.


        • Basic familiarity with Linux, developing comfort with non-Windows applications
        • Discovery of advanced intelligence gathering tools under non-Windows OS
        • Appreciation of security benefits in the use of virtual machines to conduct operations
      • Infrastructure and organisational mapping
        Students will be introduced to combined OSINT data seizure and network mapping software in order to greatly enrich and accelerate their targeting of individuals and organisations. This module greatly increases the ability to exploit social media as covered the previous day.


        • Confidence and aptitude in the use of network mapping software to highlight connections between targets
      • Wi-Fi exploitation
        An illustration of a much-overlooked area of open source intelligence - wireless data. Delegates are guided through a hands-on practical, introducing the power of target geolocation along with demonstrations of vulnerability to decryption attacks - all achieved with open-source software. Underlining this module is the concept of fusion of allsource intelligence into a single OSINT framework.


        • Understanding of substantial OpSec threat against friendly forces from wi-fi, both in terms of pattern-of-life tracking and data seizure
        • First level hands-on experience of wi-fi exploitation to promote understanding
        • Broadening the concepts of what constitutes open source and its fusion to create powerful targeting capability
        • Consideration of tactical applications of wi-fi in tracking and exploiting targets
        • Consideration of denial of service (DOS) threat against friendly infrastructure

Thursday, Nov 16, 2017

    • 9:00 amDay 3: Capstone Exercises

      Consolidation exercises

      A series of final exercises combines and reviews skills adopted over the preceding days, based on the investigation of a specified target of interest. Within a simulated ‘ops room’ environment and starting with the most minimal of leads, trainees will work together to gradually build up an intelligence pack detailing the target’s activities from a range of OSINT sources.

      These will be challenging exercises that will demand team work and task splitting as the exercise tempo gets exponentially faster.

Filter Sort