Cyber Investigation courses focused around the practical cyber forensic investigations and includes usage of CSI Linux for hands on.

Open Source Intelligence and Investigation

CSI Linux Open Source Intelligence (OSINT) and Investigation Course

Do you want to know what your competitors or hackers know about you?  Are you investigating a suspect or potential employee?  Many of the attackers' tools, techniques, and procedures can be used by those investigating.  This course goal is to gather information on a suspect or target using the information found on the Internet.

This course covers the following sections: Base Process of Investigations, Preserving Online Evidence, Phone Numbers and Info, IP Addresses, Proxies, and VPNs, DNS, Domains, and Subdomains, Importance of Anonymity, Online Investigation Subjects, Setting up an Online Web Persona, Using your persona to investigate, Website Collection, 3rd Party Commercial Apps, Tracking changes and getting alerts, Public Records Searches, Geolocation, Online Investigations With Images., Social Media Sites, What is Crypto Currency, OSINT Frameworks (tools), Writing the Report, Case Studies, Practicing OSINT and Resources, and more.

Social Media Intelligence and Investigation


This course's goal is to gather information on a suspect or target using their Social Media information. Do you want to know what your competitors or enemies know about you?  These are the same techniques we use during the reconnaissance or OSINT process but focus directly on the target's Social Media presence.

The modules included are Importance of Anonymity, Base Process of Investigations, Preserving Online Evidence, Online Investigation Subjects, setting up a Sock Puppet, 3rd Party Commercial Apps, Terms of Service Challenges, tracking changes and getting alerts, Online Investigations with Images, Facebook, Twitter, Instagram, and others, Dating Sites, using your persona to investigate, Writing the Report, Case Studies, Practicing OSINT and Resources, and more

Dark Web Investigation

CSI Linux Dark Web Investigation Certification Course

You will learn about the basics of Dark Web investigations, including Dark Markets, Crypto Currency, tools to connect to Tor & I2P, and resources to help you investigate activity over Dark Web networks.   The main goal is to help gather and preserve evidence for court.

The modules in this course cover: What is the Darknet/Dark Web, Preserving Online Evidence, Base Process of Investigations, Importance of Anonymity, Connecting to Tor, Navigating the Dark Web (Tor), De-Anonymizing Tor, Other Onion Routing Dark Nets, Setting up a Dark Web Persona, What is Crypto Currency, Dark Web Investigation Subjects, Resources, Writing the Report, Case Studies, and more.

You will also be prepared to take the Certified Dark Web Investigator (CDWI) test.

Incident Response and Risk Management

This is a CSI Linux Incident Response and CompTIA Cybersecurity Analyst+ (CySA+) combined course.  In this course, you will learn everything you need to know to pass the CySA+ along with gaining key skills that will allow you to test security and identify risks.  It is suggested you use CSI Linux because there are many labs in this course.  

The CompTIA Cybersecurity Analyst+ examination is designed for IT security analysts, vulnerability analysts, or threat intelligence analysts. The exam will certify that the successful candidate has the knowledge and skills required to configure and use threat detection tools, perform data analysis, and interpret the results to identify vulnerabilities, threats, and risks to an organization with the end goal of securing and protecting applications and systems within an organization.”

  • This course will teach you the fundamental principles of using threat and vulnerability analysis tools plus digital forensic tools 
  • Aimed at IT professionals with (or seeking) job roles such as IT Security Analyst, Security Operations Center (SOC) Analyst, Vulnerability Analyst, Cybersecurity Specialist, Threat Intelligence Analyst, and Security Engineer
  • Identify tools and techniques to use to perform an environmental reconnaissance of a target network or security system.
  • Collect, analyze, and interpret security data from multiple log and monitoring sources.
  • Use network host and web application vulnerability assessment tools and interpret the results to provide effective mitigation.
  • Understand and remediate identity management, authentication, and access control issues.
  • Participate in a senior role within an incident response team and use forensic tools to identify the source of an attack.
  • Understand the use of frameworks, policies, and procedures and report on security architecture with recommendations for effective compensating controls