Internet Investigation TIG Update - 28.11.21

A few open discussions are currently being held in the II TIG that are relevant and valuable to Online Investigators.

1. The training search tool.

The TIG is working on a business case for a solution that OSINT experts can use to identify and review various training courses available for practitioners in Europe. This solution would ideally provide a single view for all relevant commercial and LEA-led courses that can increase the skills and competencies of European LEAs working in Internet Investigations.

2. A list of tools and solutions used to support OSINT analysts and investigators.

The II TIG will compile a list of tools and solutions based on the feedback given by various EU LEAs that are actively using the solutions in operational environments.

3. Training and management event in Brussels, Belgium.

Through dedicated one-day training, members of ENLETS Internet Investigations TIG can benefit from a detailed and thorough practical training delivered by Marco Corradin – an OSINT specialist working for the National Police of the Netherlands. During the training, practitioners will learn how to capture network traffic to find the non-public API calls and use them to efficiently scrape further information. 

The event will specifically address:

Packet forging

• Learn more about the HTTP protocol, RFC standards and common understanding of network traffic
• Learn how to clone network packets from browsers and forge your own packets

Sniffing non-public APIs from Android apps:

• Learn how to set up a MITM proxy.
• Learn how to find API endpoints from android apps and forge your own packets based on these endpoints.

Bonus: Learn how to bypass SSL pinning by using Frida (dynamic code injection in runtime).

If you are active with intel gathering on the internet and want to enhance your skills, this course is for you. Please submit your interest here (The registration closes 17.12.21!).