Practitioner's Guide to Online Investigations

About this text

This guide is written and maintained by me, Adv4n6. This is my take on online / digital investigations based upon my experiences as a detective for a midsized law enforcement agency in the southeast United States, a practitioner in the private sector, and as an instructor traveling the country teaching 500 to 1,000 students per year.

These are my ideas on how to conduct investigations online. However, it should be noted, that I am a perpetual student, and am always learning. I have found that rarely is an idea actually original. As such, I may have gleaned nuggets from the multitude of superior practitioners and instructors that exist in this space. I cannot possibly name them all here. I do, however, try to make it a point to point out when I have been inspired by, or learned a technique from, someone specifically. Additionally, I do my best to share the great work of others with the reader here, and point out when I do so.

Style Guide

Allow me to orient you to the text. This document / book is created and hosted on Gitbook. It's a pretty slick platform for documentation publication.

On the LEFT ⬅️side of your screen, you will see the various sections and pages of the text, with your current location highlighted red. This will take you to the various topic areas by simply clicking the text of the page you'd like to read.. Think of it as the overarching table of contents for this work.

On the UPPER RIGHT ↗️side of the screen you will see a smaller version titled contents. This will display various topics on the current page, and your current location will be highlighted red. Clicking on the topic will take you to that section of the page.

As you navigate the documents, on the BOTTOM ⬇️of the page you will be able to navigate to the next and previous pages.

From time to time I will insert links, quote other works, make annotations, write a command or simply give the reader a piece of information which will assist them as they read the text or practice / perform the techniques. These call outs are explained below:

I may put a link inside of a sentence to something the user may find interesting or useful. It will be red, and clickable, like this. If you click on the red text, you will be sent to the page I thought you might find interesting/useful/etc. If the link is to another part of this text, you will be taken there directly. If the link is to an external site, a new browser window will open.

Commands or code snippets will be annotated like this:

$ give me super-powers

// Ain't no code for that yet, sorry
echo 'You got to trust me on this, I saved the world' //

You can easily copy/paste from the code area by clicking on the squares in the upper right, or by highlighting the traditional way.

From time to time, I may want to call the readers attention to various "nice to know" information, and I will annotate those ideas like this:

There may be warnings or other potential items which REALLY need your attention:

There may be times I want to bring attention to something good, as well: