USW OSINT & Digital Forensics Activity β Investigative Task
PLEASE READ
These websites have been created for educational purposes. These are free to use sandboxes that are hosted via GitHub. Techniques learned in any session run by the USW Cyber Outreach team are not to be used under any circumstances apart from for taking part in the activity outlined below. The websites are interactable safe-spaces and are not to be considered indicative of vulnerabilities in real websites or services.
USW has no relation to any organisation that may be used for demonstrative purposes and the organisation titles used in this activity have not been chosen as part of any particular agenda or purpose.
Objective
Your team has been assigned to an investigative task that requires analysing evidence to uncover key details about a suspect. The information available to you is limited to what has been discarded. Your goal is to piece together important details from the materials provided and use them to progress your investigation.
Websites
Each group has been assigned a specific website to investigate. Use the information you uncover to gain access.
- π΅οΈββοΈ Group 1 Target Website
- π Group 2 Target Website
- 𧩠Group 3 Target Website
- π Group 4 Target Website
Equipment Provided
- 𧀠Sterile gloves (use them when handling any materials)
- π» Computer with internet access (limited to specific investigation websites)
- π Pinboards and materials to organise findings
Investigation Process
1. Evidence Examination
- You have been provided with a bag containing various items. Everything inside may be relevant, so examine each item carefully.
- Record any potential leads, including:
- Names
- Addresses
- Phone numbers
- Email addresses
- Receipts
- Tickets
- Handwritten notes
- Any other identifying information
- Take photos or make notes of anything that seems useful.
2. Digital Investigation
- Using the information you have gathered, attempt to access the designated investigation website.
- Some of the details found may only help with the password. You will need the correct username AND password.
- The accounts on these websites will only accept the correct credentials, meaning you must ensure any details you use are accurate.
3. Exfiltrating Key Information
- Once you gain access to the investigation websites, your task is to locate and extract specific pieces of information.
- Record your findings and be prepared to explain how your team arrived at them.
π¨ Note: Only the homepage and login page will work as part of this exercise, there is a final page which contains the information you are required to discover. These are the only pages where interaction is required for this challenge.
Rules & Guidelines
- β Confidentiality: Treat the information as sensitiveβdo not share findings with other teams.
- β Teamwork: Work collaboratively, discussing your findings and theories.
- β Methodical Approach: Be systematic in your search, ensuring no clue is overlooked.
- β Respect Materials: Do not damage or discard any evidence. All materials must be returned at the end of the activity.
Good luck, investigators! ππ