Using web bugs and other technology to locate a suspect
Advanced Dark Web Investigations, Identifying the anonymous user
Todd G. Shipley
President & CEO of Vere Software
STRICTLY Law enforcement, Government, Armed forces and Police ONLY
This 2-day course is designed for government and police investigators, to understand where to start their Darknet investigations and how to operate in this new environment.
Investigators engaged in online investigations of any kind and those using open source (OSINT) analytics, will benefit greatly from this course. Crime analysts, National security investigators, crimes against children investigators, drug investigators will especially benefit.
This is an advanced level course presented from an investigators point of view. Those with a non-technical background will also benefit from the material presented.
The content of this unique course not offered anywhere else. The course material is supported by real world examples and incidents. This is not a general lecture course. This course will provide the student with the understanding of how to accomplish effective investigation of Darknet sites and users. The course will allow Law enforcement to step up their investigative skills to meet the new challenges offered by the anonymity of the Darknet.
The course will be a presentation and demonstration of the techniques. Students are encouraged to follow along during the course on the own laptop or computing devices.
The course is strictly restricted to Government and police as it contains new and innovative methodology and techniques.
The session descriptions below are specifically short so as not to specifically publish specific techniques and methods. This course will fully explore each area during the individual sessions. Use of any of these new and innovative methods and techniques explained during the sessions will be up to the individual and the agencies to implement based on their ability and any legal constraints applied by their jurisdiction.
The course will cover the following topics. The course will cover the following topics:
The Darknet/Dark Web, what it is and what it is not
Understanding what the Darknet really is can be a challenge. The technology behind the Darknet is not a single program or location. This session will explore what the Darknet is and how it differs from the Deepweb.
To Tor or not to Tor
Setting up and using Tor may in itself be easy, but finding what you want on the Tor network can be a challenge. This session will look at the Tor network how it works and methods for using it during an investigation.
CryptoCurrency and its use in the Darknet
New to investigations involving bitcoin? Need to understand how to track the funds through various cryptocurrencies? How do wallets work and is there any evidence I can use when I find one? This session will provide you with the ability to understand and deal with Bitcoin and other cryptocurrencies during you investigations.
Going Undercover on the Darknet
Darknet investigations require the use of a persona like any other investigation. It also requires that you understand the equipment you are using and practice online officer safety techniques specialized for online/Darknet investigations. This session will look at the requirements and investigator has equipment and persona background specializing in Darknet investigations.
Using web bugs and other technology to locate a suspect
How can we locate targets online through the use of various code. How can it be done and what skills does the investigator need. What are the potential legal issues?
Advanced Darknet/Dark Web Investigations, identifying the anonymous user
Are there legally available methods which we can implement to identify anonymous users on the Internet? The answer is definitely yes. This session will discuss the techniques available to the investigator to identify users of anoymization on the Internet.
Bring your own laptop
Whilst every effort will be made to avoid, Due to the nature of the course, and live searching in the dark web, students may be exposed to disturbing or sexual images, profanity and graphic content, beyond the control of the presenter.
Throughout the course, students will participate in hands-on lab exercises. Students are encouraged to bring their own laptops to class that meet the requirements described below.
Students must bring a 64-bit Windows 8/8.1 or Windows 7 laptop to class, preferably running natively on the system hardware. It is possible to complete the lab exercises using a virtualized Windows installation.
Apple laptops can be used if there are able to run a virtualized Windows machine.
Many of the tools utilized in this training require administrative privileges. Students must have administrative access on their Windows host, including the ability to unload or disable security software such as anti-virus or firewall agents as necessary for the completion of certain exercises. Further, students should have knowledge of the local passwords required to manage their system, including local Administrator account passwords, and passwords necessary to make system BIOS configuration changes.
Students can use a virtualized tool within the class for all of the exercises. VMware Workstation, VMware Player or VirtualBox are recommended. VMware Workstation Player and their other tools can be downloaded from the VMware website. VirtualBox can be downloaded from the Oracle website.
Several of the software components used in the course are hardware intensive, requiring more system resources than what might be required otherwise for day-to-day use of a system. Please ensure your laptop meets the following minimum hardware requirements:
Minimum 2 GB RAM, 4 GB recommended
Wireless only access to the Internet will be provided during the course.
30 GB free hard disk space
During the course, you will install numerous tools, and make several system changes. Some students may wish to bring a clean system that is not their everyday production system, or a dedicated Windows virtual machine that meets the minimum requirements for a system, to avoid any changes that may interfere with other system software.
What you will receive
Electronic copy of the course material
Step-by-step instructions for all exercise
Handouts and cheat-sheets for quick reference to detailed intormaiton sources
Course Thumb drive with associated software and resource materia
Other Darknet resources
Identifying what your browser says about you
Making your own Web Bugs
Making your own Tor Hidden Services
About the instructor
Todd G. Shipley is a globally recognized expert on Internet Investigations. He has 25 years of law enforcement experience. As a Detective Sergeant he supervised the Financial and Cybercrime units for the Reno, Nevada Police Department starting the first cybercrime unit in the State of Nevada. He is also a IACIS Certified Forensic Computer Examiner.
He writes on the topic of cybercrime and is co-author of Investigating Internet Crimes, An introduction to solving crimes in cyberspace. He is the featured Internet crime expert in the movie “Deepweb” directed by Alex Winter. He is a patent holder and inventor of the software WebCase designed to aid investigators collect defensible online evidence during their investigations.
Mr. Shipley presents this and other subjects to government, law enforcement and investigators around the world, both independently, and at ISS world training events. He is a lecturer for the Canadian Police College, the University of Nevada, Reno and the National Association of Attorneys General.
February 23-24, 2017 Washington, DC
Click Here to Register one person for $1,295 USD or register two people for $1,995 USD (2 registrations = $997.50 per person)