Advanced Cyber Crime Investigator

This is a practical three-day workshop that enables attendees to investigate serious and complex cyber crime.

By request Booking

Contact us to get details
No. of attendees

Advanced Cyber Crime Investigator


  • No dates

Training is bespoke for your own business or organisation. This is a hands on, practical and immersive module suitable for those who investigate serious and complex cyber enabled and cyber dependent crime.

Attendees will undertake a number of online exercises throughout the module with a final exercise using the skills developed throughout the module. This module is designed to be delivered over 3 days.

Key Learning Points

At the conclusion of this workshop, attendees will be able to:

  • Describe methods used by hackers and hacktivists and how to conduct investigations against them
  • Describe and identify technical tools used in the commission of cyber crime
  • Demonstrate the use of WiFi in cyber crime investigations
  • Conduct enhanced internet investigations using open source intelligence
  • Discuss the role of the Deep and Dark Web in cyber crime
  • Demonstrate the handling and investigation of Unix based systems
  • Describe the international organisations and partners that can support a complex cyber crime investigation
  • Prepare and present case papers to a prosecutor as they relate to a complex cyber crime investigation

Module 1

Module Opening

1.0.1    Health and Safety
1.0.2    Module Outline
1.0.3    Learning Outcomes and Timetable
1.0.4    Introductions

Review of Foundation Course Learning

1.1.1    What is cybercrime?
1.1.2    Computer networks and the Internet
1.1.3    Digital forensic principles
1.1.4    Identification, securing and presenting digital evidence

Investigation of Hacking and Denial of Service (DOS, DDOS) crimes

1.2.1    The hacking cycle
1.2.2    Who are the hackers?
1.2.3    Types of hacking attack
1.2.4    Preventing and identifying hacking attacks
1.2.5    Investigative techniques in hacking crimes
1.2.6    Investigative techniques in denial of service crimes

Technical Tools and Techniques Employed by Cyber Criminals

1.3.1    Online hacking tools
1.3.2    Installable hacking tools
1.3.3    Social engineering techniques
1.3.4    Hacker forums and channels (clear and dark web)
1.3.5    Data leaks and distribution of data
1.3.6    Penetration testing
1.3.7    Virtualisation

Module 2

Introduction to Wi-Fi and Passive Wi-Fi Surveys

2.1.1    Description of Wi-Fi
2.1.2    Optimising Wi-Fi signal and reception
2.1.3    Wi-Fi signatures and probes
2.1.4    Wi-Fi passive survey tools
2.1.5    Wi-Fi capture tools
2.1.6    Wireshark and capture analysis

Enhanced Open Source Tools and Techniques

2.2.1    Commercial open source tools
2.2.2    Enhanced free open source tools
2.2.3    Social media exploitation
2.2.4    Geolocation tools and services
2.2.5    Data mapping and analysis
2.2.6    Digital image analysis
2.2.7    Email analysis

Module 3

Investigating the Deep Web and TOR

3.1.1    What is the Deep Web?
3.1.2    What is the Dark Web?
3.1.3    Hidden tools and services
3.1.4    Internet relay chat (IRC)
3.1.5    Alternative dark web networks

Dealing with Apple and Unix Based Systems

3.2.1    Introduction to Unix and Linux systems
3.2.2    Introduction to Mac OS
3.2.3    Capturing evidence from Unix, Linux and Mac OS
3.2.4    Unix based forensic tools

International Partners and Law Enforcement Procedures

3.3.1    European partnerships
3.3.2    International partnerships
3.3.3    MLAT and other treaties
3.3.4    Computer Emergency Response Team (CERT)

Preparation and presentation of digital evidence in a complex cybercrime investigation

3.4.1    Sanitisation and redaction of complex digital material
3.4.2    Providing material to defence advocates
3.4.3    Challenges in dealing with prosecutors and judiciary
3.4.4    Proving integrity and chain of custody

Module 4

Final Exercise

4.1.1    Exercise briefing
4.1.2    Exercise supported by trainers

Final Exercise Debrief

4.2.1    Exercise Debrief
4.2.2    Review of learning points from exercise

Review of Learning

4.3.1    Review of course learning outcomes
4.3.2    Summary of principles discussed
4.3.3    Distribution of course USB thumb drive
4.3.4    Question and Answer session

Module Closure

4.4.1    Review of learning outcomes
4.4.2    Feedback from delegates
4.4.3    Presentation of certificates of attendance