Open Source Investigations Day 1 provides an overview of OSINT and the intelligence cycle.  Attendees will understand the importance of anonymity and the need for focus on methodology over tools.  Day 1 focuses on online people investigation skills with numerous hands-on exercises to practice what you learn.

Topics include:
Privacy & Anonymity
Investigation Platform- virtual machines, emulators, sock puppets, mobile phones
Search Engines – advanced search operators, reverse image searching
Collection & Preservation – recording and collecting OSINT findings
Deleted Content – archives and cached
Verification and Provenance
People Investigation Skills – making use of usernames, cell phones, email addresses, and other identifying information
Social Media – locating relevant data, confirming accounts, capturing evidence, and understanding platform features

Open Source Investigations Day 2 (PREREQUISITE, OSINT DAY 1)  provides an in-depth exploration of location and event investigations. Attendees will learn techniques for geolocating images, collecting evidence as events happen, and the value of social media for location and event investigations.  Day 2 provides active learning opportunities with 10 hands-on exercises and case studies.

Topics include:
OSINT Methodology Review
Locations & Events – investigating places, events, and incidents
Geolocation – using images and context clues to determine location
Photos & Metadata – Image analysis and extraction of metadata
Live OSINT – locating relevant data as live events happen
Maps, Satellite Imagery and Transportation investigations
Using Social Media platforms for collecting evidence in real-time or after incidents
Social Media heat maps and hashtags
OSINT for vulnerability assessments

Open Source Investigations Day 3 (PREREQUISITE, OSINT DAY 2) is an advanced course with a focus on business investigations, online due diligence, and dark web investigations.  Day 3 explores the more technical aspects of open-source investigations.   Attendees participate in numerous hands-on activities and a CTF to practice what they have learned.

Topics include:
Business Investigations and due diligence basics
Domains and websites
Email Headers & IP Addresses
Using wireless networks and MAC ID for investigations
International Business Investigations
Dark Web, Tor walkthrough and introduction to cryptocurrency
Tor investigations and Pastebins
Breach data access and ethical considerations
Capture the Flag