Cybercrime Investigation Training

Embark on a comprehensive journey into the world of cybercrime investigations. This course covers foundational networking knowledge, enabling participants to navigate internet services and understand cyber threats without relying on third-party tools. Dive into the intricacies of phishing, smishing, and whaling, and learn to investigate using advanced tools and methodologies. Unravel hidden services like the Darkweb, Telegram, and VPNs, and get acquainted with the challenges of cryptocurrency and malware investigations. By the course’s end, participants will be equipped with the expertise to tackle the multifaceted landscape of modern cybercrime.

Manuel Borrego has over 28 years of experience in the IT field, specializing in cybersecurity, network forensics, and tactical hardware & software solutions. As the founder of the "Sistemas Especiales tech and tac" unit within Spain's National Police, he developed critical technologies and protocols still in use by tactical units today. Manuel has contributed to international intelligence operations, designed patented network forensics tools, and led the creation of innovative technical solutions. He continues to train and mentor the next generation of forensic examiners, while leading GRK Systems in developing advanced cybersecurity solutions.

Day 1

Topics: Network Basics; IP v4/v6, Hands on with WireShark Focus: VPN/Proxies/ TOR, Darkweb, Emails, Anonymity Students will learn how networking works and how to work with low level tools like Wireshark, to understand how protocols and services work, and be able to investigate cybercrimes without the support of 3rd party tools. Students will also learn how most common internet services used for scamming works.

Day 2

Topics: 3rd Party Tools and Services, i.e.: Maltego, ipInfo, domain tools, Focus: Phishing – Types, Sources, Investigating them The student will have hands-on with various tools which will help to investigate most of the scam techniques. Starting with phishing, the most used scam techique, students will learn how they work, their types and how to investigate them. Students will work with with real cases and learn how organizations clear their traces and what information is useful in investigations.

Day 3

Topics: Smishing and Whaling Focus: Investigating both Smishing and Whaling, as well as Vector Attacks/Dumps While two of the lesser known cybercrime types, they are the most profitable ones. Smishing targets any citizen, while Whaling targets CEOs and executives, and infiltrates into the cortex of the organization. Students will learn how to investigate these attacks and how to get the most information from the crime organization.

Day 4

Topics: Hidden Services: Telegram, Darkweb, VPN/Proxes/TOR, Crypto Focus: Third-party tools: Kela, Tracking and Investigating The usage of hiding services is one of the most common techniques used by scammers to protect their identity. By knowing how they work, students will understand how difficult it is to investigate these crimes and the resources they have to get the most information from a case. The session will end up with an intro to Crypto, from tracking to investigation.

Day 5

Topics: Malware Types Focus: Malware Investigations; Analysis, Detection, Domain/IPS After playing with the basic scam techniques, the last day will be used to deal with the more nefarious online frauds. Students learn how criminals gain access to files and how they encrypt them for ransom. The course culminates with students leveraging their newly acquired knowledge and skills, and to get valuable info for investigators.

• Windows PC with two (2) USB A ports.
• Windows OS
• macOS with Bootcamp Windows
• macOS alone will not work (No Virtual Machines)
• 8GB RAM (minimum)
• 100GB storage (minimum)
• You must have admin rights or have the admin password for software installation.
• NOTE: ALL Windows updates should be done prior to class.