OSINT: Online Investigations (Virtual Course)

Open enrolment and in-house options available

Our five-day Online Investigations course will give you the mindset, skillset and toolset needed to investigate organisations, individuals, websites and other digital entities or interest. We'll walk you through a detailed portfolio of investigative strategies and show you how you can mine the web for information on your targets. We’ll also show you how to secure the data you collect, and how to interrogate it using device-based AI tools.

View Dates and Register Request in-house course

Course Outline

Effective Investigations

Course Introduction

  • A typology of online targets
  • The mindset of an effective investigator
  • The skillset and toolset of the investigator
  • Ground rules for internet investigators
  • Investigative challenges and trade-offs

Planning and Management for Online Investigators

  • Defining your requirements
  • Defining the scope of your investigation
  • Defining and working to your legal obligations
  • The “Getting Started” checklist

Setup and OPSEC

  • Browser set up and configuration
  • Essential browser extensions
  • AI workplace setup
  • OPSEC for investigators

Capturing and Organising Your Evidence

  • Documenting your investigations
  • Working with data capture tools
  • Working with target profiles and templates
  • Recommended tools and extensions  

Validating Your Data

  • Data validation schemas
  • Data validation strategies
  • Legal admissibility tests

Investigating Individuals

Introduction to People Search

  • The people search process
  • Common people search challenges

Investigating People Online

  • Recommended search strategies
  • Recommended search tools
  • Recommended search queries
  • Working with search operators
  • Working with URL parameters
  • Working with key identifiers
  • Working with people search tools
  • Mapping an individual’s online footprint
  • Building your target profile

Investigating User Profiles

  • Investigating names and usernames
  • Investigating avatars and profile photos
  • Investigating profile content
  • Investigating comments and interactions
  • Investigating friends, family and followers

Investigating Emails

  • Finding emails
  • Working with email permutation tools
  • Investigating and validating email addresses
  • Working with lookup tools

Investigating Phone Numbers

  • Finding phone numbers
  • Permutating phone numbers with AI
  • Investigating and validating phone numbers
  • Working with lookup tools
  • Working with mobile apps

“Grey” OSINT – Strategies and Sources

  • Working with breached data
  • Working with archived data
  • Recommended sources
  • Legal and ethical considerations

Geolocating Individuals

  • Mining for geospatial identifiers
  • Mining for geolocational data
  • Geolocating through imagery data
  • Geolocating through IP and technical data

Investigating Organisations

Target Footprinting and Research

  • Footprinting your target
  • Indexing identifiers
  • Recommended search strategies
  • Recommended search tools
  • Recommended search queries
  • Working with research templates

Investigating Owners and Associations

  • Investigating beneficial owners
  • Investigating subsidiaries
  • Working with official records and registries
  • Working with news and industry sources
  • Working with corporate media
  • Investigating clients and business partners
  • Monitoring your target


Investigating Websites 

Introduction to Web Intelligence (WEBINT)

  • Internet fundamentals for investigators
  • WEBINT targets
  • Essential WEBINT tools and extensions

Getting Started

  • Generating the DNS record
  • Generating the WHOIS / RDAP record
  • Querying record data
  • Footprinting your target

Working with IPs

  • Working with IP data
  • Reverse IP checks
  • Investigating IP histories
  • Dedicated hosting checks

Working with Domains

  • Investigating domains and subdomains
  • Investigating inbound and outbound links
  • Investigating site content
  • Investigating web caches and archives
  • Generating site maps

Working with Technical Identifiers

  • Working with IDs and unique identifiers
  • Analysing site technologies
  • Risk profiling a URL

Identifying Site Owners

  • Identifying and validating site owners
  • Finding contact details
  • Recommended investigative strategies

Working with Metadata

  • Introduction to metadata 
  • Working with document metadata 
  • Working with image / video metadata 
  • Metadata extraction tools 
  • Running metadata investigations 

Working with Maltego / AI Tools

Working with Maltego

  • Set up and configuration 
  • Security considerations
  • Understanding the Maltego interface
  • Working with entities
  • Working with transforms
  • Working with machines
  • Running investigations in Maltego
  • Vetting and validating your results

Working with AI Tools

  • Installing and running a private LLM
  • Indexing your evidence
  • Interrogating your evidence
  • Generating investigative leads
  • Validating LLM outputs

Exercises

  • End of course exercises / case studies
View Dates and Register Request in-house course

Course Details

Who is this Course For?

This course is intended for investigators working in a security, intelligence or law enforcement role. It is also relevant to professionals working in such roles as due diligence, corporate investigations, anti-fraud and cyber threat intelligence.

How You Benefit

On completion of this course, you will have the ability to:

  • Understand the elements of a successful online investigation
  • Use structured approaches to streamline your investigations
  • Apply a broad range of investigative tools and strategies
  • Capture, organise and validate evidence
  • Use investigative software to generate leads
  • Use AI to interrogate the evidence you collect
  • Conduct your investigations legally and ethically

What You Receive

  • A full set of course slides / user guides in PDF
  • Tip sheets and cheat sheets to enable rapid learning
  • An index of recommended search queries for investigators
  • An index of investigative workflows
  • Templates to capture and organise investigative data
  • Templates to generate written reports
  • Six months of post-course support
  • A certificate of completion

Course Fee

EUR 1,900

Course Prerequisites

We recommend that participants wishing to take our Online Investigations course first complete our OSINT: Foundations course and / or our OSINT: Advanced Search Skills course to understand the technical standards and operating principles that underpin our approach to data collection and analysis.

Course Requirements

Please bring a Windows or Mac laptop and ensure you have full administrative rights to this device. Please also install Maltego CE and set up a Google account to facilitate the use of different tools. Additional software requirements will be sent prior to the start of the course.