RENANZG/My-Forensics

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

DIGITAL FORENSICS AND INCIDENT RESPONSE (DFIR)

"These programs were never about terrorism: they're about economic spying, social control and diplomatic manipulation. They're about power." (Edward Snowden)


BASIC STRATEGY

Crime Triangle: Basic Investigative Methodology

• 5W: Who, What, When, Where and Why
• PDCA Cycle: Plan, Do, Check and Act
• Root Cause Analysis (RCA):

  1. Identify and describe the problem clearly
  2. Establish a timeline from the normal situation until the problem occurs
  3. Distinguish between the root cause and other causal factors (e.g., using event correlation)
  4. Establish a causal graph between the root cause and the problem


The criminal investigation must be protected from leaks by following a logical sequence:

  1. Exhaust data collection from open sources (OSINT) and closed sources (CSINT);
  2. Apply covert monitoring and tracking measures (SIGINT, HUMINT, ...);
  3. Once there is concrete evidence of the practices under investigation and the remote possibilities have been exhausted, launch the operation itself, making the investigation public. At this stage search and seizure warrants are executed, temporary or preventive arrests are made and statements are taken.


FORENSIC SUITES

FLOSS (Free/Libre and Open Source Software)

• Kali Linux
https://kali.org
• Drive Badger
https://drivebadger.com (GitHub)
• SIFT Workstation
https://sans.org/tools/sift-workstation
• Parrot Security
https://parrotsec.org
• CAINE
https://caine-live.net
• CSI Linux
https://csilinux.com
• Avilla Forensics
https://github.com/AvillaDaniel/AvillaForensics
• IPED
https://github.com/sepinf-inc/IPED
• Debian Forensics Package
https://packages.debian.org/unstable/forensics-all
• Mobile Verification Toolkit (MVT)
https://docs.mvt.re/en/latest
• Tsurugi Linux
https://tsurugi-linux.org/
• REMnux
https://remnux.org
• Bitscout
https://github.com/vitaly-kamluk/bitscout

PROPRIETARY (Cyber-surveillance Industry)

• Eric Zimmerman's tools (Freeware)
https://ericzimmerman.github.io/#!index.md
• Paladin® (Freeware)
https://sumuri.com/software/paladin/
• Forensic Toolkit (FTK)® - Lite (Freeware)
https://exterro.com/forensic-toolkit
• Magnet Forensic® - Mobile Extractor (Freeware)
https://magnetforensics.com
• Windows® Forensic Environment WinFE (Freeware)
https://winfe.net
• NirSoft® (Freeware)
https://nirsoft.net
• MiTeC® (Freeware)
https://mitec.cz
• Medusa Box® (Easy J-TAG)
https://medusabox.com
  ∙ Models & features
  ∙ AliExpress
• Octoplus Box® (Easy J-TAG)
https://octoplusbox.com
  ∙ Models & features
  ∙ AliExpress
• Cellebrite®
https://cellebrite.com
• NSO Group®
https://nsogroup.com
• Cognyte®
https://cognyte.com
• Check Point®
https://checkpoint.com
• Team Cymru®
https://team-cymru.com
• BriefCam®
https://briefcam.com/
• Forensic Toolkit (FTK)®
https://exterro.com/forensic-toolkit
• Magnet Forensic®
https://magnetforensics.com
• Variston®
https://variston.net
• Intellexa®
(no reference)
• Cytrox®
(no reference)
• Cy4Gate®
https://cy4gate.com/
• PARS Defense®
https://parsdefense.com
• Candiru®
https://saito.tech/
• Harpia Tech®
https://harpia.tech
• Visual Cortex®
https://visualcortex.com
• Oxygen Forensic®
https://oxygen-forensic.wedatasolution.com
• MSAB®
https://msab.com
• GMDSOFT®
https://gmdsoft.com
• Verint Systems®
https://verint.com
• Cyber Arm®
https://cyber-arm.com/services
• Cobalt Strike®
https://cobaltstrike.com
• Lumi Networks®
https://lumi.network
• Clear View AI®
https://clearview.ai
• Lockheed Martin®
https://lockheedmartin.com/
• MOBILedit®
https://mobiledit.com
• Crowd Strike®
https://crowdstrike.com
• Binalyze®
https://binalyze.com
• LexisNexis®
https://risk.lexisnexis.com
• NetQuest®
https://netquestcorp.com
• Gamma®
https://gamma.co.uk
• Memento Labs®
https://mem3nt0.com
• CYSource®
https://cysrc.com
• Maltego®
https://maltego.com
• Thorn's Safer®
https://thorn.org
Browse: https://dimse.info

FORENSIC TOOLS

• Evidence Project - Forensics Tools Catalogue - https://dftoolscatalogue.eu

• NIST - Forensics Tools Catalogue - https://toolcatalog.nist.gov

• S&T partners and NIST - Computer Forensic Tool Testing (CFTT) - https://dhs.gov/science-and-technology/nist-cftt-reports


Interesting information

• Beyond the Veil of Surveillance: Private Sector Offensive Actors (PSOAs)

• Burn, drown, or smash your phone: Forensics can extract data anyway

• How law enforcement gets around your smartphone’s encryption

• Cellphone data used to solve murder case from 2 years ago, police say

• The Stingray: How Law Enforcement Can Track Your Every Move

• Police are tracking you and your license plates

• SCOTUS: Police Need Search Warrant to Ping Cell Phones

• EFF to Michigan Court: Governments Shouldn’t Be Allowed to Use a Drone to Spy on You Without a Warrant

• Motion to Suppress Aerial Surveillance Evidence in U.S. vs Muhammed Momtaz Alazhari

• Researchers Find Way to Steal Encrypted Data - NYT (2008)

• “Reverse Location Search Warrant”: A New Personal Data Hoovering Exercise Brought to You by Google (2019)

• As UN Human Rights Chief Urges Stricter Rules, Snowden Calls for End to Spyware Trade (2021)

• Forensics Journal - Comparative analysis of mobile forensic proprietary tools: an application in forensic investigation (2022)



INTERCEPTION PLATFORMS

Comparison of Drive Badger (GitHub) with other lawful interception platforms. See the official sheet or the PDF version in this repo. Credits for the panel: Tomasz Klim.



Exploit and Spyware Vendor

| Zero-day Exploit (2023) | Associated Spyware Vendor |
|---|---|
| CVE-2023-28205 and CVE-2023-28206 (Apple iOS) | Variston (BridgeHead) |
| CVE-2023-2033 (Google Chrome) | Intellexa/Cytrox (Predator) |
| CVE-2023-2136 (Google Chrome) | Intellexa/Cytrox (Predator) |
| CVE-2023-32409 (Apple iOS) | Variston (BridgeHead) |
| CVE-2023-3079 (Google Chrome) | Intellexa/Cytrox (Predator) |
| CVE-2023-41061 and CVE-2023-41064 (Apple iOS) | NSO Group (Pegasus) |
| CVE-2023-41991, CVE-2023-41992, and CVE-2023-41993 (Apple iOS) | Intellexa/Cytrox (Predator) |
| CVE-2023-5217 (Google Chrome) | Candiru (DevilsTongue) |
| CVE-2023-4211 (Arm Mali GPU) | Cy4Gate (Epeius) |
| CVE-2023-33063 (Qualcomm Adreno GPU) | Variston (BridgeHead) |
| CVE-2023-33106 and CVE-2023-33107 (Qualcomm Adreno GPU) | Cy4Gate (Epeius) |
| CVE-2023-42916 and CVE-2023-42917 (Apple iOS) | PARS Defense |
| CVE-2023-7024 (Google Chrome) | NSO Group (Pegasus) |


NATIONAL CYBER SECURITY AGENCIES

US — CISA
CA — Cyber
Americas — CSIRT
EU — ENISA
UK — NCSC
NL — NCSC
DE — BSI
FR — ANSSI
ES — CCN-CERT
IT — ACN
HU — NKI
CZ — NUKIB
NO — NCSC
IS — INCD
AU — Cyber
NZ — CERT
NZ — NCSC
KR — KISA
JP — Cert
JP — NISC
SG — CSA


${\color{Blue}\textbf{1.PASSIVE FORENSICS}}$

👷🛠️UNDER CONSTRUCTION🚧🏗

1.01 Forensic standards

Visit our repo tree: 2.FORENSIC

Standards

NIST — National Institute of Standards and Technology

Visit: https://nist.gov/standards

ASTM International

Subcommittee E30.12 on Digital and Multimedia Evidence
Visit: https://www.astm.org/get-involved/technical-committees/committee-e30/subcommittee-e30/jurisdiction-e3012

The PCI Security Standards Council (PCI SSC)

Visit: https://www.pcisecuritystandards.org

ISO/IEC — International Organization for Standardization / International Electrotechnical Commission

Visit: https://iso27001security.com
Official - Information security, cybersecurity and privacy protection — https://iso.org/standard/27001

RFC

Best Current Practices (BCP)

Standards

Informational

Experimental / Historic



1.02 Forensic certs & training

1.03 Online forensic tools

• Message Header Analyzer - https://mha.azurewebsites.net
• Message Header Analyzer - https://github.com/microsoft/MHA
• PhishTank - https://phishtank.org
• Simple Email Reputation - https://emailrep.io
• Whois - https://iana.org/whois
• ViewDNS - https://viewdns.info
• WhoisMyDNS - https://whoismydns.com
• NSLookup - https://nslookup.io
• My-Addr - https://my-addr.com
• Malpedia - https://malpedia.caad.fkie.fraunhofer.de
• CVE Details - https://cvedetails.com
• Exploit Database - https://exploit-db.com
• FileInfo - https://fileinfo.co
• xCyclopedia - https://strontic.github.io/xcyclopedia
• The Windows Binary Index - https://winbindex.m417z.com
• Palo Alto Applipedia - https://applipedia.paloaltonetworks.com
• Windows Security Logs - https://ultimatewindowssecurity.com/securitylog/encyclopedia
• Internet Archive (WayBackMachine) - https://web.archive.org
• Archive web content - https://archive.ph
• Internet Archive - https://archive.org
• HTTrack - https://httrack.com
• IPVOID - https://ipvoid.com
• AbuseIPDB - https://abuseipdb.com
• Grabify IP Logger - https://grabify.link/
• IP Logger - https://iplogger.org
• IP Tracker - https://iplogger.org/ip-tracker
• IP Location Tracker - https://iplogger.org/location-tracker
• IP Location - https://iplocation.net
• URL Checker - https://iplogger.org/url_checker
• MAC Address Lookup - https://iplogger.org/mac-checker
• MAC Vendor - https://macvendors.com
• IP API
  - ip-api - https://ip-api.com
  - ipify - https://ipify.org
  - ipapi - https://ipapi.co
  - vpnapi - https://vpnapi.io
  - ipapi - https://ipapi.com
• The ZMap Project - https://zmap.io
• WiGLE - https://wigle.net
• urlscan.io - https://urlscan.io
• VirusTotal - https://virustotal.com
• Hybrid Analysis - https://hybrid-analysis.com
• Cuckoo Sandbox - https://cuckoo.cert.ee
• AlienVault OTX - https://otx.alienvault.com
• IBM X-Force Exchange - https://exchange.xforce.ibmcloud.com
• Cisco Talos - https://talosintelligence.com/reputation_center
• Maltiverse - https://maltiverse.com/collection
• GreyNoise - https://greynoise.io
• SANS Internet Storm Center - https://isc.sans.edu
• Intelligence X - https://intelx.io
• MetaDefender Cloud - https://metadefender.opswat.com
• RiskIQ Community Edition - https://community.riskiq.com/home
• Pulsedive - https://pulsedive.com
• Valhalla YARA Rules - https://valhalla.nextron-systems.com
• ANY.RUN - https://any.run
• Binvis - https://binvis.io
• JoeSandbox - https://joesandbox.com
• Verexif - https://verexif.com/en/
• Reverse Shell Generator - https://revshells.com
• Rainbow Tables (Hashes) - https://hashes.com/en/decrypt/hash
• File Signatures ("Magic Numbers") - https://en.wikipedia.org/wiki/Magic_number_(programming)
• List of File Signatures - https://en.wikipedia.org/wiki/List_of_file_signatures
• CyberChef - https://gchq.github.io/CyberChef
• explainshell - https://explainshell.com
• Epoch Converter - https://epochconverter.com
• Regex - https://regex-generator.olafneumann.org
• DeHashed - https://dehashed.com
• Dencode - https://dencode.com
• Commonly Used Software Development Tools - https://ctool.dev
• Text Fixer - https://textfixer.com
• SS64 Syntax Utils - https://ss64.com
• Tools4noobs - https://tools4noobs.com
• Text to ASCII Art Generator - https://patorjk.com/software/taag
• Have I Been Pwned - https://haveibeenpwned.com
• Name OSINT - https://namechk.com
• Breach Directory - https://breachdirectory.org
• MD5 Decrypt - https://md5decrypt.net/en/Sha1
• DeepL - https://www.deepl.com/translator

For OSINT tools visit our repository: My-OSINT


1.04 Forensic tools

Forensics Tools Catalogues

Evidence Project - https://dftoolscatalogue.eu

NIST - https://toolcatalog.nist.gov

S&T partners and NIST - Computer Forensic Tool Testing (CFTT) - https://dhs.gov/science-and-technology/nist-cftt-reports

Some tools

Image and video upscaling programs

• ImageJ
• Upscalers

Extraction Methods

• Encryption: seize the encrypted files and decrypt them using a password or key and the appropriate decryption software; OR seize the data while it is in an unencrypted state.

• Virtualization: seize the virtual image file and open it with the correct password; OR log into the virtual machine and seize the data while the virtual machine is turned on and in an unencrypted state.

• Relational Database: seize all the files containing records, obtain a copy of the database software and rebuild the database; OR log into the database while it is live and employ the application used to create and manage the database as a search tool, downloading the data using the method allowed by the application, either in the form of printouts or data files.

1.05 Cryptography

Encryption Workarounds

Visit our repo tree: 3.DOCUMENTS/Encryption

Encryption workarounds:

  1. Find the key.
  2. Guess the key.
  3. Compel the key.
  4. Exploit a flaw in the encryption software.
  5. Access plaintext while the device is in use.
  6. Locate another plaintext copy.

Bruteforce

Read the thread: Brute Force Attacks.

Cryptanalysis

Visit our repo tree: 3.DOCUMENTS/Cryptanalysis

Steganography


1.06 Memory analysis

Volatile memory analysis

• Volatility
https://volatilityfoundation.org/releases
• Linux Memory Extractor (LiME)
https://github.com/504ensicsLabs/LiME
• Cobalt Strike in memory
https://andreafortuna.org/2020/11/22/how-to-detect-cobalt-strike-activity-in-memory-forensics/

JTAG, Chip-off and ISP forensics

https://teeltech.com/ufaqs/what-is-jtag-chip-off-and-isp
https://cellebritelearningcenter.com/mod/page/view.php?id=11903
https://fletc.gov/jtag-chipoff-smartphones-training-program
https://gillware.com/phone-data-recovery-services/jtag-chip-off-forensics
https://gillware.com/phone-data-recovery-services/chip-off-forensics-services

Researching support for phones in JTAG software

https://octoplusbox.com
https://medusabox.com
https://riffbox.org
https://easy-jtag.com
https://z3x-team.com

1.07 Cryptocurrencies analysis

Cryptocurrencies analysis

https://github.com/OffcierCia/On-Chain-Investigations-Tools-List
https://github.com/aaarghhh/awesome_osint_criypto_web3_stuff
https://blocksherlock.com/home/blockchain-explorers
https://tronscan.org
https://etherscan.io
https://algoexplorer.io
https://explorer.solana.com
https://stellar.expert
https://snowtrace.io
https://flowscan.org
https://polygonscan.com

Some tools

https://github.com/demining/CryptoDeepTools
https://github.com/demining/bitcoindigger
https://github.com/graphsense
https://github.com/demining/Dao-Exploit
https://github.com/immunefi-team/Web3-Security-Library/blob/main/Tools/README.md#blockchain-analysis

Private sector

https://chainalysis.com
https://elliptic.co
https://ciphertrace.com
https://coinmetrics.io
https://whitestream.io
https://elementus.io
https://trmlabs.com
https://bitok.org/investigations


${\color{Red}\textbf{2.ACTIVE FORENSICS}}$

👷🛠️UNDER CONSTRUCTION🚧🏗

2.01 Police hacking

Visit our repo tree:
4.POLICE_HACKING

The Cyber Kill Chain

• MITRE ATT&CK — ICS Techniques
https://attack.mitre.org/techniques/ics

• MITRE ATT&CK — Enterprise Techniques
https://attack.mitre.org/techniques/enterprise/

• MITRE ATT&CK — Mobile Techniques
https://attack.mitre.org/techniques/mobile/

• OWASP MAS - Mobile Application Security
https://mas.owasp.org

• Metasploit - Penetration testing framework https://metasploit.com

• Training

∙ Rootme — https://root-me.org
∙ Vulnhub — https://vulnhub.com
∙ Hacker101 — https://hacker101.com
∙ Crackmes — https://crackmes.one
∙ Attack Defense — https://attackdefense.com

2.02 Law Enforcement Agency (LEA)

• Rule of Law Benchmarks

*First of all, consult court cases to see how laws are (mis)applied.

GE Constitution
https://gesetze-im-internet.de/englisch_gg/index.html

US Constitution
https://constitution.congress.gov

• Difference between legal regimes or multi-level chains of statutory references

We are still reflecting on this point.

Security Bodies (Judiciary Police)

• Conducts criminal investigations, carrying out whatever steps it deems appropriate to elucidate the facts, with a view to discovering evidence of the existence of the crime and indications of its authorship.
• Criminal police bodies act as a precautionary measure, for example to preserve evidence or in the case of a flagrant crime.
• Has an obligation to preserve the confidentiality of the investigation; therefore the right to adversarial proceedings is limited.
• In general, the investigation is already a procedural phase.

Administration of Justice (Criminal Procedural Law)

• In general, the criminal investigation can be directly initiated by other institutions, such as the Public Prosecutor's Office.
• Full exercise of the right to adversarial proceedings.
• Follows due legal process, i.e. the criminal procedural law.

Intelligence Services

• Production of knowledge, with production of intelligence reports, to support decision making.
• Their main objectives are to collect information and provide analyses, as well as to anticipate and counteract external threats.
• Compartmentalization principle: the production of information is separate from decision making; it ensures no single spy knows everything, so that if captured, a spy will not know enough to compromise a mission.
• In general, intelligence activity does not follow due legal process; intelligence agencies do not conduct criminal proceedings, although they can combat terrorism.
• Related to military activities of national defense and conquest against foreign enemies.

*Informational separation of powers: in Germany, where the Gestapo of National Socialism existed, the separation between intelligence (knowledge) and police (power) was one of the denazification measures imposed by the allies in 1949.

*There is some controversy as to whether intelligence can be considered security.

• International Law

∙ UN — Library of Resources
https://unodc.org/e4j/en/resdb/index.html

∙ UN — Course Catalogue
https://unodc.org/elearning/en/courses/course-catalogue.html

∙ ICRC - Cyber operations during armed conflicts
https://icrc.org/en/war-and-law/conduct-hostilities/cyber-warfare

∙ ICRC - New technologies and IHL
https://icrc.org/en/war-and-law/weapons/ihl-and-new-technologies

∙ The Cyber Law Toolkit - The intersection of international law and cyber operations
https://cyberlaw.ccdcoe.org/wiki/Main_Page

∙ Budapest Convention (Cybercrime)
https://coe.int/en/web/cybercrime/the-budapest-convention

∙ Octopus Project
https://coe.int/en/web/cybercrime/octopus-project

Public International Law

| Laws of War: "Jus ad bellum" | Laws of War: "Jus in bello" | Laws of War: Occupation and "Jus Post Bellum" | Laws of Peace: Human Rights Law |
|---|---|---|---|
| The international rules pertaining to the extent to which the use of military force against another state is allowed. | The international rules pertaining to how armed conflict must be conducted. | Justice at the end of the war, which helps move from conflict to peace: reasonable peace treaties, the civilian population should be protected, leaders who broke the Hague/Geneva laws must face prosecution, cities must be reconstructed. | International Bill of Human Rights. Treaties and Conventions. Covenants and Declarations. |

Jus ad bellum

Charter of the United Nations. Chapter VII — Action with respect to Threats to the Peace, Breaches of the Peace, and Acts of Aggression - Article 51

“Nothing in the present Charter shall impair the inherent right of individual or collective self-defence if an armed attack occurs against a Member of the United Nations, until the Security Council has taken measures necessary to maintain international peace and security. Measures taken by Members in the exercise of this right of self-defence shall be immediately reported to the Security Council and shall not in any way affect the authority and responsibility of the Security Council under the present Charter to take at any time such action as it deems necessary in order to maintain or restore international peace and security.”

Jus in Bello

Protocol Additional to the Geneva Conventions of 12 August 1949, and relating to the Protection of Victims of International Armed Conflicts (Protocol I)

“Article 3 of the Geneva Conventions and Article 44 Additional Protocol I
In order to promote the protection of the civilian population from the effects of hostilities, combatants are obliged to distinguish themselves from the civilian population while they are engaged in an attack or in a military operation preparatory to an attack. Recognizing, however, that there are situations in armed conflicts where, owing to the nature of the hostilities an armed combatant cannot so distinguish himself, he shall retain his status as a combatant, provided that, in such situations, he carries his arms openly:

(a) During each military engagement, and

(b) During such time as he is visible to the adversary while he is engaged in a military deployment preceding the launching of an attack in which he is to participate.

(c) Acts which comply with the requirements of this paragraph shall not be considered as perfidious within the meaning of Article 37, paragraph 1."

References:
UN - https://legal.un.org/repertory/art1.shtml
ICRC - https://icrc.org/en/document/what-are-jus-ad-bellum-and-jus-bello-0
ICRC - https://ihl-databases.icrc.org/en/ihl-treaties/api-1977?activeTab=undefined
ICRC - https://casebook.icrc.org/a_to_z/glossary/direct-participation-hostilities

• Council of Europe — Cybercrime

∙ Cybercrime — https://coe.int/cybercrime
∙ GLACY+ — https://coe.int/en/web/cybercrime/glacyplus
∙ iPROCEEDS-2 — https://coe.int/en/web/cybercrime/iproceeds-2
∙ Octopus Project — https://coe.int/en/web/cybercrime/octopus-project
∙ CyberSouth — https://coe.int/en/web/cybercrime/cybersouth
∙ CyberEast — https://coe.int/en/web/cybercrime/cybereast

• Publications

• Investigatory Powers — Criminal Law

Americas

∙ US — Federal Rules — Criminal Procedure — Overview — Link
∙ US — Federal Rules — Criminal Procedure — Rule 41 — Search and Seizure — Link

| On a Network in a Single District | On a Network in Multiple Districts | On a Network with Data Stored Internationally | Unknown Where the Data is Stored (Cloud) |
|---|---|---|---|
| Search under Rule 41; consider noting in the affidavit the possibility of other locations | Multiple search warrants, one for each district with data, or a §2703 warrant served on the service provider | Use the legal process required in the country hosting the data, or consider accessing the data remotely with a search warrant under Rule 41 | Search under Rule 41 for subject computers, and concurrently search under §2703 served on the service provider |

European Union

∙ EU — Criminal procedural laws across the European Union – A comparative analysis — Link
∙ NL - National Coordinator for Security and Counterterrorism - https://english.nctv.nl
∙ GE — German Criminal Code (Strafgesetzbuch — StGB) — Link
∙ GE — German Code of Criminal Procedure (Strafprozeßordnung — StPO) — Link
∙ GE — German Code of Criminal Procedure - StPO, Section 100a - Telecommunications surveillance — Link
∙ GE — Law on the Federal Criminal Police Office and cooperation between the federal and state governments in criminal police matters (Federal Criminal Police Office Act - BKAG) - § 49 Covert intervention in information technology systems — Link

∙ UK — Crime, justice and law — Law and practice — Link
∙ UK — Public General Acts — Investigatory Powers Act 2016 — Link

Court Cases

∙ UNODC — Case Law Database — https://sherloc.unodc.org/cld/v3/sherloc/cldb/index.html?lng=en

∙ UNODC — Cyber Organized Crime — https://unodc.org/e4j/en/cybercrime/module-13/additional-teaching-tools.html

Americas

∙ US Cases — https://courtlistener.com/opinion
∙ US Federal Cases — https://pacer.uscourts.gov/find-case
∙ US DOJ - Computer Crime and Intellectual Property Section (CCIPS) - https://justice.gov/criminal/criminal-ccips
∙ US FBI - Internet Crime Complaint Center (IC3) - https://ic3.gov
∙ Computer Crime Research Center - https://crime-research.org

European Union

∙ EUR-Lex https://eur-lex.europa.eu/homepage.html
∙ European Court of Justice https://curia.europa.eu
∙ EU Common Portal of Case Law — https://network-presidents.eu/cpcl
∙ Casetext (Thomson Reuters) - https://casetext.com
∙ Council of Europe - COE Cybercrime - https://coe.int/en/web/cybercrime
∙ Council of Europe - Octopus Cybercrime Community - Materials - https://coe.int/en/web/octopus/training

Architecture

The Five, Nine, & Fourteen Eyes surveillance alliance includes the following countries:

| Country | Five Eyes | Nine Eyes | Fourteen Eyes | Other |
|---|---|---|---|---|
| United Kingdom | ✔️ | ✔️ | ✔️ | |
| United States | ✔️ | ✔️ | ✔️ | |
| Australia | ✔️ | ✔️ | ✔️ | |
| Canada | ✔️ | ✔️ | ✔️ | |
| New Zealand | ✔️ | ✔️ | ✔️ | |
| Denmark | | ✔️ | ✔️ | |
| Netherlands | | ✔️ | ✔️ | |
| France | | ✔️ | ✔️ | |
| Norway | | | ✔️ | |
| Germany | | | ✔️ | |
| Belgium | | | ✔️ | |
| Spain | | | ✔️ | |
| Sweden | | | ✔️ | |
| Italy | | | ✔️ | |
| Israel | | | | ✔️ |
| Japan | | | | ✔️ |
| Singapore | | | | ✔️ |
| South Korea | | | | ✔️ |

"Apart from these methods of cooperation, there are a number of equally secretive bilateral and multilateral agreements in other regions of the globe – such as the Club of Berne (an intelligence-sharing arrangement among the EU intelligence services) and the Shanghai Cooperation Organizations (an affiliation among the People’s Republic of China (‘China’), India, Kazakhstan, Kyrgyzstan, Pakistan, the Russian Federation (‘Russia’), Tajikistan and Uzbekistan) – together with intelligence exchange arrangements within a group of states comprising Russia, Iraq, Iran and Syria to facilitate the fight against the Islamic State."

(Ref.: WATT, Eliza. State Sponsored Cyber Surveillance: The Right to Privacy of Communications and International Law. Edward Elgar Publishing, 2021.)


2.03 Liability for Contents

TorrentFreak

https://torrentfreak.com
https://torrentfreak.com/category/lawsuits
https://torrentfreak.com/category/law-politics

TorrentFreak - Newsletter

https://torrentfreak.com/subscriptions
https://t.me/torrentfreaks
https://defcon.social/@torrentfreak
https://torrentfreak.com/feed
• Where are torrents permitted? (2024)
• World map with torrenting countries


2.04 Tor Fingerprint

Tor Fingerprint

• Tor Fingerprinting — https://blog.torproject.org/browser-fingerprinting-introduction-and-challenges-ahead
• Attacks on Tor — https://github.com/Attacks-on-Tor/Attacks-on-Tor
• EFF Test — https://coveryourtracks.eff.org/learn


2.05 Forensics Footprints

Forensics Footprints

https://github.com/PaulNorman01/Forensia


2.06 Supply Chain Attack

Supply Chain Attack

https://reproducible-builds.org
https://github.com/SAP/risk-explorer-for-software-supply-chains
https://github.com/ossillate-inc/packj


2.07 APT & Cybercriminal Campaign Collections

APT & Cybercriminal Campaign Collections

https://attack.mitre.org/groups
https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections


2.08 Man In The Middle (MitM)

Man In The Middle (MitM)

https://github.com/frostbits-security/MITM-cheatsheet
https://github.com/mitmproxy/mitmproxy
https://mitmproxy.org
https://github.com/andreafortuna/MITMInjector
https://github.com/KoreLogicSecurity/wmkick
https://github.com/jakev/mitm-helper-wifi
https://github.com/jakev/mitm-helper-vpn


2.09 Network Analysis (SIGINT)

Network Analysis

• Snort — https://github.com/snort3
• Wireshark — https://wireshark.org
• Nmap — https://nmap.org

Live System Based

Security Onion

Network Security Toolkit


2.10 Metadata

Metadata

∙ ExifTool — https://github.com/exiftool/exiftool
∙ PhotoDNA — https://anishathalye.com/inverting-photodna
∙ Geo-tags — https://tool.geoimgr.com


2.11 Reverse Engineering

Reverse Engineering

https://github.com/alphaSeclab/awesome-reverse-engineering

Ghidra

https://ghidra-sre.org


2.12 Social Engineering

Social Engineering



${\color{Yellow}\textbf{PHONE SNIFFING}}$

• DEFCON Safe Mode - Cooper Quintin - Detecting Fake 4G Base Stations in Real-Time
https://youtube.com/watch?v=siCk4pGGcqA
• SRLabs SnoopSnitch - warns you about threats like fake base stations (IMSI catchers)
https://github.com/srlabs/snoopsnitch
• Android IMSI-Catcher Detector (suspended)
https://github.com/CellularPrivacy/Android-IMSI-Catcher-Detector
• Telecom Exploits - Signalling System 7 (SS7)
https://github.com/SigPloiter/SigPloit
• Telecom Exploits - HLR Lookups
https://github.com/SigPloiter/HLR-Lookups

Phone Surveillance Exposed

| NAME | MEANING |
|---|---|
| IMEI | International Mobile Equipment Identity |
| IMSI | International Mobile Subscriber Identity |
| MCC | Mobile Country Code |
| MNC | Mobile Network Code |
| MSIN | Mobile Subscription Identification Number |
| ICCID | Integrated Circuit Card Identifier |
| MSID | Mobile Station ID |
| GSM | Global System for Mobile Communications |
| SIM Card | Subscriber Identity Module Card |
| SMS | Short Message/Messaging Service |
| SDR | Software-Defined Radio |

Useful Websites

— OpenCellID — Link
— Cell Tower Locator (Cell2GPS) — Link
— Cell Phone Trackers — Link
— International Numbering Plans — Link
— GSM World Coverage Map and GSM Country List — Link
— IMEI Info — https://imei.info
— GSMArena Phones Ref. - https://gsmarena.com
— Phonescoop Phones Ref. - https://phonescoop.com
— Cell Towers — https://opencellid.org

Information & Explanations

— IMSI-catcher — Link
— GSM frequency bands — Link
— List of software-defined radios — Link

Useful Apps

— Mobile Software
  ∙ AIMSICD — Link
  ∙ SnoopSnitch — Link
— Desktop Software
  ∙ GsmEvil 2 — Link
  ∙ IMSI-catcher — Link

Equipment

GSM 900 / GSM 1800 MHz are used in most parts of the world: Europe, Asia, Australia, Middle East, Africa.
GSM 850 / GSM 1900 MHz are used in the United States, Canada, Mexico and most countries of South America.

— SDR
  ∙ RTL-SDR (65 MHz - 2.3 GHz) — Link
— Antenna
  ∙ Antenna — Link

Equipment

— Catching IMSI Catchers — Link

GSM Sniffing Install/Setup Guide

Install

```shell
$ sudo apt install python3-numpy python3-scipy python3-scapy gr-gsm
$ git clone https://github.com/Oros42/IMSI-catcher && cd IMSI-catcher
# grgsm_livemon stays in the foreground, so the two commands below are run in separate terminals.
$ sudo grgsm_livemon && python3 simple_IMSI-catcher.py --sniff
```

GSM install error? Try this:

```shell
$ sudo apt-get install -y \
    cmake \
    autoconf \
    libtool \
    pkg-config \
    build-essential \
    docutils \
    libcppunit-dev \
    swig \
    doxygen \
    liblog4cpp5-dev \
    gnuradio-dev \
    gr-osmosdr \
    libosmocore-dev \
    liborc-0.4-dev

$ gnuradio-config-info -v
```

Tips

```shell
$ sudo grgsm_scanner -l  # List your connected SDRs.
$ sudo grgsm_scanner     # Scan for cell towers near you.
$ sudo grgsm_livemon     # Live radio scanning.
```


${\color{Green}\textbf{BRUTE FORCE ATTACKS}}$

Brute Force Attacks

The speed at which a password is cracked depends on the entropy of the password and the power of the computer.

Computer programs used for brute force attacks can check anywhere from 10,000 to 1 billion passwords per second. A Pentium 100 can try 10,000 passwords a second; a supercomputer can try 1,000,000,000 per second.

Complex sheet:

Simplified sheet:
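As an added example (not code from this repository), the crack-time reasoning above carried out in Python: it estimates a password's keyspace entropy, applies the two guess rates the text quotes, and treats the weak passwords named under Simple Brute Force Attack as a constructed stand-in for a wordlist, which shows why a password's charset says little once it is on a list.

```python
import math
import string

# Guess rates quoted in the text above (guesses per second).
GUESS_RATES = {
    "Pentium 100": 1e4,
    "supercomputer": 1e9,
}

# Constructed stand-in for a wordlist: the weak passwords the text names.
# A real dictionary attack uses lists of millions of entries.
COMMON_PASSWORDS = ["123456", "qwerty", "admin", "changeme", "qazwsxedc",
                    "password", "letmein", "111111"]

KNOWN_CHARS = string.ascii_letters + string.digits + string.punctuation


def charset_size(password: str) -> int:
    """Size of the smallest 'obvious' alphabet that contains every character
    of the password; an attacker who sees the policy need not try more."""
    size = 0
    if any(c in string.ascii_lowercase for c in password):
        size += 26
    if any(c in string.ascii_uppercase for c in password):
        size += 26
    if any(c in string.digits for c in password):
        size += 10
    if any(c in string.punctuation for c in password):
        size += len(string.punctuation)  # 32 printable ASCII symbols
    # Anything else (space, non-ASCII) is counted one symbol per distinct char.
    size += len({c for c in password if c not in KNOWN_CHARS})
    return size


def keyspace_bits(password: str) -> float:
    """Entropy in bits if the password were drawn uniformly from its charset:
    length * log2(alphabet size). An upper bound for human-chosen passwords."""
    if not password:
        return 0.0
    return len(password) * math.log2(charset_size(password))


def effective_bits(password: str) -> float:
    """Work the attacker actually faces: a password on the wordlist costs
    only log2(wordlist length) guesses, whatever its charset suggests."""
    if password in COMMON_PASSWORDS:
        return math.log2(len(COMMON_PASSWORDS))
    return keyspace_bits(password)


def expected_crack_seconds(password: str, guesses_per_second: float) -> float:
    """Expected time to hit the password: on average half the space is tried."""
    return (2 ** effective_bits(password)) / 2 / guesses_per_second


def human_time(seconds: float) -> str:
    """Render seconds in the largest unit that fits, one decimal place."""
    for name, size in (("years", 365 * 86400), ("days", 86400),
                       ("hours", 3600), ("minutes", 60)):
        if seconds >= size:
            return f"{seconds / size:,.1f} {name}"
    return f"{seconds:.4f} seconds"


def report(password: str) -> dict:
    """Summary for one password across every quoted guess rate."""
    return {
        "keyspace_bits": round(keyspace_bits(password), 1),
        "effective_bits": round(effective_bits(password), 1),
        "on_wordlist": password in COMMON_PASSWORDS,
        "crack_time": {name: human_time(expected_crack_seconds(password, rate))
                       for name, rate in GUESS_RATES.items()},
    }


if __name__ == "__main__":
    for pw in ["123456", "qwerty", "Tr0ub4dor&3", "correct horse battery staple"]:
        print(pw, report(pw))
```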

    Types of brute force attacks

    Simple Brute Force Attack

    The attacker relies on trying out commonly used, weak passwords such as 123456, qwerty, admin, changeme, qazwsxedc etc.

    Dictionary attack

    Software that can make thousands of guesses every second using dictionary databases, hence the name of the attack.

    Hybrid Brute Force Attack

    A hybrid attack is utilized once the attacker already knows the username of its prey.

    Reverse Brute Force Attack

    A reverse brute force attack requires the attacker to know the password beforehand and then attempt to guess the username.

    Credential stuffing

    Hackers can get entire databases of stolen login credentials and then try to apply them to the account they’re trying to access. This kind of attack can be especially devastating if the attacked user reuses passwords across multiple accounts.

    Rainbow Table Attack

    A rainbow table attack is a method of password cracking that employs rainbow tables to break the password hashes in a database. Websites or apps don’t store passwords in plain text; instead, they encrypt passwords with hashes. Once the password is used for logging in, it is immediately converted to a hash. The next time the user logs in using their passwords, the server checks whether the password matches the previously created hash. If the two hashes match, the user is then authenticated. The tables used to store password hashes are known as rainbow tables.

    Multi-Factor Authentication (MFA) or Two-Factor Authentication (2FA)

    Set up MFA whenever possible. It is an extra layer of security that requires additional steps to verify the user's identity.
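    To make the crack-rate figures and the rainbow table paragraph above concrete, here is an added Python example (not code from this repository): it computes the worst-case search time at the two guess rates quoted, builds a small precomputed lookup from the weak passwords named above, and shows that a salted, iterated hash (PBKDF2-HMAC-SHA256, an assumed choice) is not found by that lookup. The 95-character set, 8-character length and 600,000 iterations are assumed values.

```python
import hashlib
import hmac
import math
import os

PENTIUM_100_RATE = 10_000            # guesses/s, figure quoted on the page
SUPERCOMPUTER_RATE = 1_000_000_000   # guesses/s, figure quoted on the page

# Weak passwords named on the page; used to build a small precomputed (rainbow-style) table.
WEAK_PASSWORDS = ["123456", "qwerty", "admin", "changeme", "qazwsxedc"]

def entropy_bits(charset_size: int, length: int) -> float:
    """Entropy of a password chosen uniformly from charset_size ** length candidates."""
    return length * math.log2(charset_size)

def exhaustive_search_seconds(bits: float, rate: int) -> float:
    """Worst-case seconds to try every candidate of a 2**bits keyspace at `rate` guesses/s."""
    return 2.0 ** bits / rate

def hash_unsalted(password: str) -> str:
    """Plain SHA-256: equal passwords give equal digests, so one table covers every user."""
    return hashlib.sha256(password.encode()).hexdigest()

# Precomputed table (digest -> password): built once, reused against any unsalted leak.
PRECOMPUTED = {hash_unsalted(p): p for p in WEAK_PASSWORDS}

def lookup_precomputed(digest: str):
    """Password for a leaked digest if it is in the precomputed table, else None."""
    return PRECOMPUTED.get(digest)

def hash_salted(password: str, salt: bytes = None, iterations: int = 600_000) -> tuple:
    """PBKDF2-HMAC-SHA256 with a random 16-byte salt (assumed parameters): a table would
    have to be rebuilt per salt, and the iteration count multiplies the cost of every guess."""
    if salt is None:
        salt = os.urandom(16)
    return salt, hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)

def verify_salted(password: str, salt: bytes, digest: bytes, iterations: int = 600_000) -> bool:
    """Constant-time comparison of a login attempt against the stored salt and digest."""
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return hmac.compare_digest(candidate, digest)

if __name__ == "__main__":
    bits = entropy_bits(95, 8)  # 8 printable ASCII characters, assumed policy
    for name, rate in (("Pentium 100", PENTIUM_100_RATE), ("supercomputer", SUPERCOMPUTER_RATE)):
        print(f"{name}: {exhaustive_search_seconds(bits, rate) / 86400:.1f} days worst case")
    salt, digest = hash_salted("qwerty")
    print(lookup_precomputed(hash_unsalted("qwerty")))   # table hit on the unsalted digest
    print(lookup_precomputed(digest.hex()))              # None: the salt defeats the table
    print(verify_salted("qwerty", salt, digest))         # True: legitimate login still works
```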

    Encryption workarounds:

    1. Find the key.
    2. Guess the key.
    3. Compel the key.
    4. Exploit a flaw in the encryption software.
    5. Access plaintext while the device is in use.
    6. Locate another plaintext copy.


    Sites of Interest

    General Publications

    • CVE Alerting Platform
    https://github.com/opencve/opencve
    • Black Hat
    https://blackhat.com
    • ZDnet
    https://zdnet.com
    • The Hacker News
    https://thehackernews.com/#email-outer
    • Bleeping Computer
    https://bleepingcomputer.com
    • Wired News
    https://wired.com
    • Vice
    https://vice.com/en/section/tech
    • The Register
    https://theregister.com
    • Secure List by Kaspersky
    https://securelist.com
    • PT ESC Threat Intelligence
    https://ptsecurity.com/ww-en/analytics/pt-esc-threat-intelligence
    • Forensic Focus — Newsletter
    https://forensicfocus.com
    • SANS Institute — Newsletter
    https://sans.org
    • Google Project Zero
    https://googleprojectzero.blogspot.com
    • Debian Security Announce
    https://lists.debian.org/debian-security-announce
    • Cert Coordination Center
    https://cert.org
    • DoD Instructions Cybersecurity
    https://esd.whs.mil/dd/
    • Computer World
    https://computerworld.com
    • InfoWorld
    https://infoworld.com
    • InformationWeek
    https://informationweek.com
    • TechRepublic
    https://techrepublic.com
    • Infosecurity Magazine
    https://infosecurity-magazine.com
    • Sophos
    https://sophos.com
    https://news.sophos.com
    • TechWorld
    https://techworld.com
    • Infosec Institute
    https://resources.infosecinstitute.com
    • ComputerWeekly
    https://computerweekly.com
    • Security Affairs
    https://securityaffairs.com
    • E Security Planet
    https://esecurityplanet.com
    • Help Net Security
    https://helpnetsecurity.com
    • Information Security Magazine
    https://searchsecurity.techtarget.com
    • Network World Fusion
    https://nwfusion.com
    • Federal Computer Week Security News
    https://fcw.com/Home.aspx
    • Government Computer News IT Security
    https://gcn.com/Home.aspx
    • IA Technology Analysis Center
    https://iac.dtic.mil/csiac
    • Overseas Security Advisory Council
    https://osac.gov
    • SANS Internet Storm Center
    https://isc.sans.edu
    • Search Security
    https://searchsecurity.techtarget.com
    • News Factor
    https://newsfactor.com
    • Security Focus
    https://securityfocus.com/news
    • BankInfoSecurity
    https://www.bankinfosecurity.com
    • UNIT42 Palo Alto Networks
    https://unit42.paloaltonetworks.com
    • New Scientist
    https://newscientist.com/section/news
    • Silicon Valley
    https://siliconvalley.com
    • TechWeb
    https://techweb.com
    • USA Today
    https://usatoday.com/tech
    • US Government Executive Magazine
    https://govexec.com
    • The Intercept
    https://theintercept.com
    • Reuters
    https://reuters.com/news
    • Aljazeera
    https://aljazeera.com
    • Gulf News
    https://gulfnews.com
    • China Official Publications
    https://english.www.gov.cn
    • North Korea Official Publications
    http://www.kcna.kp/en
    • Israel Official Publications
    https://gov.il/en
    • Iran Official Publications
    https://irangov.ir/en

    Forensic Publications

    • Make a Google Scholar search from an interesting subject that you want to follow up on.

    • Search parameters example:

    police hacking intext:illegal intext:abusive intext:law

    • You could set keywords alerts: https://scholar.google.com/scholar_alerts?view_op=list_alerts


    • Open access journals
    https://en.wikipedia.org/wiki/List_of_academic_databases_and_search_engines
    https://en.wikipedia.org/wiki/Lists_of_academic_journals
    https://en.wikipedia.org/wiki/List_of_open-access_journals

    • Non-profit research initiatives
    The Public Knowledge Project - https://pkp.sfu.ca


    • Science Direct — Forensic Science International: Digital Investigation
    https://sciencedirect.com/journal/forensic-science-international-digital-investigation
    • Forensic Science — Application of science to criminal and civil laws
    https://forensicscijournal.com
    • University of London - SAS Open Journals - Digital Evidence and Electronic Signature Law Review
    https://journals.sas.ac.uk/deeslr/
    • IEEE Intelligence and Security Informatics (IEEE-ISI)
    https://ieee-isi.org
    • USENIX Conferences
    https://usenix.org/conferences
    • International Journal of Intelligence and CounterIntelligence
    https://tandfonline.com/journals/ujic20
    • Australian Journal of Forensic Sciences
    https://tandfonline.com/journals/tajf20
    • Advancing Technology, Research and Collaboration
    https://acm.org/conferences
    • Communications in Computer and Information Science — Springer
    https://springer.com/series/7899
    • IEEE Open Journal of Circuits and Systems
    • IEEE Open Journal of the Communications Society
    • IEEE Open Journal of the Computer Society
    • IEEE Open Journal of Signal Processing


    Law Publications

    German Law Research

    • German Legal Research Guide - Georgetown Law
    https://guides.ll.georgetown.edu/germanlegalresearch
    • German Law Research - Harvard Law School Library Research Services
    https://guides.library.harvard.edu/GermanLaw
    • The German Law Journal (open-access) - Cambridge University Press
    https://cambridge.org/core/journals/german-law-journal
    • Foreign Law Translations - The University of Texas at Austin
    https://law.utexas.edu/transnational/foreign-law-translations

    Law and Technology Research

    • Bad Internet Bills - https://badinternetbills.com
    • Berkeley Law Technology Journal - https://btlj.org
    • Carnegie Endowment for International Peace - https://carnegieendowment.org/publications/interactive/cybernorms
    • CIS - https://cyberlaw.stanford.edu
    • Computer Crime Research Center - https://crime-research.org
    • ETSI - https://etsi.org/committees

    • European Journal of Law and Technology - https://ejlt.org/index.php/ejlt
    • Intelligence Oversight - https://intelligence-oversight.org
    • International Review of Law, Computers & Technology (Open Access) - https://tandfonline.com/journals/cirl20
    • Internet Crime Complaint Center (IC3) - https://ic3.gov/Home/AnnualReports
    • Northwestern Journal of Technology and Intellectual Property - https://scholarlycommons.law.northwestern.edu/njtip/
    • Ohio State Technology Law Journal (Moritz College of Law) - https://kb.osu.edu/communities/a3767fe3-6fcd-5776-bbe7-44d144fb641a
    • Science Direct — Computer Law & Security Review - https://sciencedirect.com/journal/computer-law-and-security-review
    • Software Freedom Law Center - https://softwarefreedom.org
    • Techdirt - https://techdirt.com
    • The APWG Symposium on Electronic Crime Research (APWG eCrime) - https://ecrimeresearch.org
    • The Berkman Klein Center for Internet & Society at Harvard University - https://cyber.harvard.edu
    • The Center for Security and Emerging Technology (CSET) - Georgetown University's Walsh School of Foreign Service - https://cset.georgetown.edu
    • The Digital Evidence and Electronic Signature Law Review (DEESLR) (Open Access) - https://journals.sas.ac.uk/deeslr/issue/view/596
    • The Duke Law & Technology Review (DLTR) - https://dltr.law.duke.edu
    • UN Internet Governance Forum - https://intgovforum.org

    Others

    • AIDP-IAPL Publications - https://penal.org/en/aidp-iapl-publications
    • European Journal of Criminology - https://journals.sagepub.com/home/euc
    • Information Security Journal: A Global Perspective - https://tandfonline.com/journals/uiss20
    • Information Systems Security - https://tandfonline.com/journals/uiss19
    • Journal of Applied Security Research - https://tandfonline.com/journals/wasr20
    • Journal of Computer Information Systems - https://tandfonline.com/journals/ucis20
    • Police Practice and Research — An International Journal - https://tandfonline.com/journals/gppr20
    • Policing and Society — An International Journal of Research and Policy - https://tandfonline.com/journals/gpas20

    https://digitalcommons.usf.edu/mca/
    https://csrc.nist.gov
    https://sherloc.unodc.org
    https://justice.gov/criminal/cybercrime
    https://coe.int/en/web/cybercrime
    https://enisa.europa.eu
    https://fbi.gov


    Libraries

    Internet Archive
     https://archive.org
    Anna's Archive
     https://annas-archive.org
    Z-Library Official (Telegram)
     https://t.me/zlibrary_official
    Z-Library (APP)
     https://go-to-zlibrary.se/#desktop_app_tab
    Z-Library (WEB)
     https://singlelogin.se
    Z-Library (ONION)
     http://loginzlib2vrak5zzpcocc3ouizykn6k5qecgj2tzlnab5wcbqhembyd.onion
    Library Genesis (.rs alias domain)
     https://libgen.rs
    Library Genesis (.is alias domain)
     https://libgen.is
    Library Genesis (.st alias domain)
     https://libgen.st
    Library Genesis (APP)
     https://wiki.mhut.org/software:libgen_desktop
    Library Genesis (ONION)
     http://libgenfrialc7tguyjywa36vtrdcplwpxaw43h6o63dmmwhvavo5rqqd.onion
    Imperial Library (ONION)
     http://kx5thpx2olielkihfyo4jgjqfb7zx7wxr3sd4xzt26ochei4m6f7tayd.onion
    Just Another Library (ONION)
     http://libraryfyuybp7oyidyya3ah5xvwgyx6weauoini7zyz555litmmumad.onion
    InfoCon (ONION)
     http://w27irt6ldaydjoacyovepuzlethuoypazhhbot6tljuywy52emetn7qd.onion

    Activism, Nonprofit Initiatives and Private Initiatives

    • Cops in Cyberspace - https://copsincyberspace.wordpress.com
    • AFSC and Economic Activism - https://investigate.afsc.org
    • BBW - https://bigbrotherwatch.org.uk
    • Bugged Planet - http://buggedplanet.info
    • Citizenlab - https://citizenlab.ca
    • EFF - https://eff.org
    • EPIC - https://epic.org/issues/surveillance-oversight
    • Necessary and Proportionate - https://necessaryandproportionate.org
    • No Tech For Apartheid - https://investigate.afsc.org
    • Privacy International - https://privacyinternational.org
    • S&S - https://ojs.library.queensu.ca/index.php/surveillance-and-society/index
    • The Bureau of Investigative Journalism - https://thebureauinvestigates.com
    • The Tor Project - https://blog.torproject.org


    Intelligence, Conflict, and Warfare Publications

    • The NATO Cooperative Cyber Defence Centre of Excellence
    https://ccdcoe.org
    • Council on Foreign Relations (CFR)
    https://www.cfr.org
    • International Security Studies Section (ISSS)
    https://www.isanet.org/ISA/Sections/ISS
    • Taylor & Francis - Intelligence and National Security - Open access articles
    https://tandfonline.com/action/showOpenAccess?journalCode=fint20
    • Taylor & Francis - The International Journal of Intelligence, Security, and Public Affairs
    https://www.tandfonline.com/loi/usip20
    • The Journal of Intelligence, Conflict, and Warfare
    https://journals.lib.sfu.ca/index.php/jicw/issue/archive
    • DCAF - Geneva Centre for Security Sector Governance
    https://dcaf.ch/resources?type=publications
    • CIA.gov - Center for the study of intelligence
    https://cia.gov/resources/csi/studies-in-intelligence
    • E-International Relations - Open access scholarly books
    https://e-ir.info/publications
    • Springer Open
    https://springeropen.com
    • International Security
    https://direct.mit.edu/isec
    • Carnegie Endowment for International Peace
    https://carnegieendowment.org
    • RIEAS
    https://rieas.gr


    YouTube Conferences

    https://youtube.com/@BlackHatOfficialYT
    https://youtube.com/@DEFCONConference
    https://youtube.com/@mediacccde
    https://youtube.com/@DFRWS
    https://youtube.com/@SANSForensics
    https://youtube.com/@SANSOffensiveOperations
    https://youtube.com/@RSAConference
    https://youtube.com/@USENIXEnigmaConference
    https://youtube.com/@DebConfVideos
    https://youtube.com/@hitbsecconf
    https://youtube.com/@44contv
    https://youtube.com/@OffensiveCon
    https://youtube.com/@secwestnet
    https://youtube.com/@EkopartyConference
    https://youtube.com/@reconmtl
    https://youtube.com/@TROOPERScon
    https://youtube.com/@MCH2022NL
    https://youtube.com/@mentalOutlaw
    https://youtube.com/@Seytonic
    https://youtube.com/@DoingFedTime
    https://youtube.com/@UsenixOrg

    Others

    • Computer Incident Response Center for Civil Society
    https://civicert.org
    https://eforensicsmag.com
    https://csrc.nist.gov/projects
    https://nvd.nist.gov
    https://cisa.gov/news-events/cybersecurity-advisories
    https://nsa.gov/Press-Room/Press-Releases-Statements
    https://nsa.gov/ia/mitigation_guidance/security_configuration_guides/index.shtml
    https://malware.lu
    https://securelist.com
    https://eucybernet.eu
    https://oval.mitre.org
    https://w3.org/Security/Faq/www-security-faq.html
    https://nowsecure.com
    https://htcia.org
    https://digitalcitizensalliance.org/get-informed/digital-citizens-investigative-reports
    https://reddit.com/r/InfoSecNews
    https://reddit.com/r/digitalforensics
    https://reddit.com/r/computerforensics
    https://reddit.com/r/antiforensics
    https://reddit.com/r/Smartphoneforensics
    https://reddit.com/r/privacy
    https://reddit.com/r/restorethefourth
    https://github.com/yeahhub/Hacking-Security-Ebooks
    https://github.com/InfoSecIITR/reading-material


    REFERENCES

    https://dfrws.org/presentation
    https://issworldtraining.com
    https://sciencedirect.com/journal/forensic-science-international-digital-investigation
    https://sciencedirect.com/journal/computer-law-and-security-review
    https://github.com/MISP/misp-training
    https://github.com/ail-project/ail-training
    https://isc2.org/Certifications/CISSP
    https://github.com/connectans/awesome-CISSP-CCSP
    https://github.com/jefferywmoore/CISSP-Study-Resources
    https://github.com/Syslifters/OffSec-Reporting
    https://attack.mitre.org
    https://forensicfocus.com
    https://ecrimeresearch.org
    https://drivebadger.com
    https://cellebritelearningcenter.com
    https://public.cyber.mil
    https://github.com/Cugu/awesome-forensics
    https://github.com/shadawck/awesome-anti-forensic
    https://github.com/Ignitetechnologies/Mindmap
    https://github.com/asiamina/A-Course-on-Digital-Forensics
    https://github.com/mikeroyal/Digital-Forensics-Guide
    https://github.com/forensicswiki/wiki
    https://github.com/Digital-Forensics-Discord-Server/LawEnforcementResources
    https://github.com/Digital-Forensics-Discord-Server/TheHitchhikersGuidetoDFIRExperiencesFromBeginnersandExperts
    https://github.com/Hack-with-Github/Awesome-Hacking
    https://github.com/enaqx/awesome-pentest
    https://github.com/onlurking/awesome-infosec
    https://github.com/504ensicsLabs
