My Forensics Save

Digital Forensics and Incident Response (DFIR)

Project README

BASIC STRATEGY

Crime Triangle Basic Investigative Methodology

• 5W: Who, What, When, Where and Why
• PDCA Cycle: Plan, Do, Check and Act
• Root Cause Analysis (RCA):

  1. Identify and describe the problem clearly
  2. Establish a timeline from the normal situation until the problem occurs
  3. Distinguish between the root cause and other causal factors (e.g., using event correlation)
  4. Establish a causal graph between the root cause and the problem

The criminal investigation must be protected from leaks by following a logical sequence:

  1. Exhaust the data collection activity in open sources (OSINT) or closed sources (CSINT);
  2. Apply hidden monitoring and tracking measures;
  3. Once there is concrete evidence of the practices under investigation and the remote possibilities are exhausted, launch the operation itself and make the investigation public. At this stage search and seizure warrants are executed, temporary or preventive arrests are made and statements are taken.


FORENSIC SUITES

FLOSS (Free/Libre and Open Source Software)

• Kali Linux
https://www.kali.org
• Drive Badger
https://drivebadger.com (GitHub)
• SIFT Workstation
https://www.sans.org/tools/sift-workstation
• Parrot Security
https://www.parrotsec.org
• CAINE
https://www.caine-live.net
• CSI Linux
https://csilinux.com
• Avilla Forensics
https://github.com/AvillaDaniel/AvillaForensics
• IPED
https://github.com/sepinf-inc/IPED
• Debian Forensics Package
https://packages.debian.org/unstable/forensics-all
• Mobile Verification Toolkit (MVT)
https://docs.mvt.re/en/latest
• Tsurugi Linux
https://tsurugi-linux.org/
• REMnux
https://remnux.org
• Bitscout
https://github.com/vitaly-kamluk/bitscout

PROPRIETARY (Cyber-surveillance Industry)

• Eric Zimmerman's tools (Freeware)
https://ericzimmerman.github.io/#!index.md
• Paladin® (Freeware)
https://sumuri.com/software/paladin/
• Forensic Toolkit (FTK)® - Lite (Freeware)
https://www.exterro.com/forensic-toolkit
• Magnet Forensic® - Mobile Extractor (Freeware)
https://www.magnetforensics.com
• Windows® Forensic Environment WinFE (Freeware)
https://www.winfe.net
• NirSoft® (Freeware)
https://www.nirsoft.net
• MiTeC® (Freeware)
https://www.mitec.cz
• Medusa Box® (Easy J-TAG)
https://medusabox.com
╰┈➤Models Features
╰┈➤Aliexpress
• Octoplus Box® (Easy J-TAG)
https://octoplusbox.com
╰┈➤Models Features
╰┈➤Aliexpress
• Cellebrite®
https://cellebrite.com
• NSO Group®
https://www.nsogroup.com
• Cognyte®
https://www.cognyte.com
• Check Point®
https://www.checkpoint.com
• Team Cymru®
https://www.team-cymru.com
• BriefCam®
https://www.briefcam.com/
• Forensic Toolkit (FTK)®
https://www.exterro.com/forensic-toolkit
• Magnet Forensic®
https://www.magnetforensics.com
• Variston®
https://variston.net
• Intellexa®
no reference
• Cytrox®
no reference
• Cy4Gate®
https://www.cy4gate.com/
• PARS Defense®
https://www.parsdefense.com
• Candiru®
https://saito.tech/
• Harpia Tech®
https://harpia.tech
• Visual Cortex®
https://visualcortex.com
• Oxygen Forensic®
https://oxygen-forensic.wedatasolution.com
• MSAB®
https://www.msab.com
• GMDSOFT®
https://www.gmdsoft.com
• Verint Systems®
https://www.verint.com
• Cyber Arm®
https://cyber-arm.com/services
• Cobalt Strike®
https://www.cobaltstrike.com
• Lumi Networks®
https://www.lumi.network
• Clear View AI®
https://www.clearview.ai
• Lockheed Martin®
https://www.lockheedmartin.com/
• MOBILedit®
https://www.mobiledit.com
• Crowd Strike®
https://www.crowdstrike.com
• Binalyze®
https://www.binalyze.com
• LexisNexis®
https://risk.lexisnexis.com
• NetQuest®
https://netquestcorp.com
• Gamma®
https://www.gamma.co.uk
• Memento Labs®
https://mem3nt0.com
• CYSource®
https://www.cysrc.com
• Maltego®
https://www.maltego.com
• Thorn's Safer®
https://www.thorn.org
Browse: https://dimse.info

FORENSIC TOOLS

• Evidence Project — Forensics Tools Catalogue
https://www.dftoolscatalogue.eu
• NIST — Forensics Tools Catalogue
https://toolcatalog.nist.gov
• S&T partners and NIST — Computer Forensic Tool Testing (CFTT)
https://www.dhs.gov/science-and-technology/nist-cftt-reports


Interesting information

• Beyond the Veil of Surveillance: Private Sector Offensive Actors (PSOAs)

• Burn, drown, or smash your phone: Forensics can extract data anyway

• How law enforcement gets around your smartphone’s encryption

• Cellphone data used to solve murder case from 2 years ago, police say

• The Stingray: How Law Enforcement Can Track Your Every Move

• Police are tracking you and your license plates

• SCOTUS: Police Need Search Warrant to Ping cell Phones

• EFF to Michigan Court: Governments Shouldn’t Be Allowed to Use a Drone to Spy on You Without a Warrant

• Motion to Suppress Aerial Surveillance Evidence in U.S. vs Muhammed Momtaz Alazhari

• Researchers Find Way to Steal Encrypted Data - NYT (2008)

• “Reverse Location Search Warrant”: A New Personal Data Hoovering Exercise Brought to You by Google (2019)

• As UN Human Rights Chief Urges Stricter Rules, Snowden Calls for End to Spyware Trade (2021)

• Forensics Journal: Comparative analysis of mobile forensic proprietary tools: an application in forensic investigation (2022)



INTERCEPTION PLATFORMS

Comparison of Drive Badger (GitHub) with other lawful interception platforms. Visit the official sheet or the PDF version in our repo. Credits for the panel: Tomasz Klim.



Exploit and Spyware Vendor

Zero-day Exploit (2023) | Associated Spyware Vendor
CVE-2023-28205 and CVE-2023-28206 (Apple iOS) | Variston (BridgeHead)
CVE-2023-2033 (Google Chrome) | Intellexa/Cytrox (Predator)
CVE-2023-2136 (Google Chrome) | Intellexa/Cytrox (Predator)
CVE-2023-32409 (Apple iOS) | Variston (BridgeHead)
CVE-2023-3079 (Google Chrome) | Intellexa/Cytrox (Predator)
CVE-2023-41061 and CVE-2023-41064 (Apple iOS) | NSO Group (Pegasus)
CVE-2023-41991, CVE-2023-41992, and CVE-2023-41993 (Apple iOS) | Intellexa/Cytrox (Predator)
CVE-2023-5217 (Google Chrome) | Candiru (DevilsTongue)
CVE-2023-4211 (Arm Mali GPU) | Cy4Gate (Epeius)
CVE-2023-33063 (Qualcomm Adreno GPU) | Variston (BridgeHead)
CVE-2023-33106 and CVE-2023-33107 (Qualcomm Adreno GPU) | Cy4Gate (Epeius)
CVE-2023-42916 and CVE-2023-42917 (Apple iOS) | PARS Defense
CVE-2023-7024 (Google Chrome) | NSO Group (Pegasus)


NATIONAL CYBER SECURITY AGENCIES

US — CISA
CA — Cyber
Americas — CSIRT
EU — ENISA
UK — NCSC
NL — NCSC
DE — BSI
FR — ANSSI
ES — CCN-CERT
IT — ACN
HU — NKI
CZ — NUKIB
NO — NCSC
IS — INCD
AU — Cyber
NZ — CERT
NZ — NCSC
KR — KISA
JP — Cert
JP — NISC
SG — CSA


${\color{Blue}\textbf{1.PASSIVE FORENSICS}}$

👷🛠️UNDER CONSTRUCTION🚧🏗

1.01 Forensic standards

Visit our repo tree: 2.FORENSIC

Standards

NIST — National Institute of Standards and Technology

Visit: https://www.nist.gov/standards

ISO/IEC — International Organization for Standardization / International Electrotechnical Commission

Visit: https://www.iso27001security.com
Official - Information security, cybersecurity and privacy protection — https://www.iso.org/standard/27001

RFC

• Best Current Practices (BCP)
• Standards
• Informational
• Experimental / Historic



1.02 Forensic certs & training

1.03 Online forensic tools

• Message Header Analyzer — https://mha.azurewebsites.net
• Message Header Analyzer (source) — https://github.com/microsoft/MHA
• PhishTank — https://phishtank.org
• Simple Email Reputation — https://emailrep.io
• Have I Been Pwned — https://haveibeenpwned.com
• DeHashed — https://www.dehashed.com
• Whois — https://www.iana.org/whois
• ViewDNS — https://viewdns.info
• WhoisMyDNS — https://whoismydns.com
• NSLookup — https://www.nslookup.io
• My-Addr — https://my-addr.com
• Malpedia — https://malpedia.caad.fkie.fraunhofer.de
• CVE Details — https://www.cvedetails.com
• Exploit Database — https://www.exploit-db.com
• FileInfo — https://fileinfo.co
• xCyclopedia — https://strontic.github.io/xcyclopedia
• The Windows Binary Index — https://winbindex.m417z.com
• Palo Alto Applipedia — https://applipedia.paloaltonetworks.com
• Windows Security Logs — https://www.ultimatewindowssecurity.com/securitylog/encyclopedia
• Internet Archive (Wayback Machine) — https://web.archive.org
• Archive web content — https://archive.ph
• Internet Archive — https://archive.org
• HTTrack — https://www.httrack.com
• IPVOID — https://www.ipvoid.com
• AbuseIPDB — https://www.abuseipdb.com
• Grabify IP Logger — https://grabify.link/
• IP Logger — https://iplogger.org
• IP Tracker — https://iplogger.org/ip-tracker
• IP location — https://www.iplocation.net
• Location Tracker — https://iplogger.org/location-tracker
• URL Checker — https://iplogger.org/url_checker
• MAC Address Lookup — https://iplogger.org/mac-checker
• MAC Vendor — https://macvendors.com
• IP API
  — ip-api — https://ip-api.com
  — ipify — https://www.ipify.org
  — ipapi — https://ipapi.co
  — vpnapi — https://vpnapi.io
  — ipapi — https://ipapi.com
• The ZMap Project — https://zmap.io
• WiGLE — https://wigle.net
• urlscan.io — https://urlscan.io
• Virus Total — https://www.virustotal.com
• Hybrid Analysis — https://hybrid-analysis.com
• AlienVault OTX — https://otx.alienvault.com
• IBM X-Force Exchange — https://exchange.xforce.ibmcloud.com
• Cisco Talos — https://talosintelligence.com/reputation_center
• Maltiverse — https://maltiverse.com/collection
• GreyNoise — https://www.greynoise.io
• SANS Internet Storm Center — https://isc.sans.edu
• Intelligence X — https://intelx.io
• MetaDefender Cloud — https://metadefender.opswat.com
• RiskIQ Community Edition — https://community.riskiq.com/home
• Pulsedive — https://pulsedive.com
• Valhalla YARA Rules — https://valhalla.nextron-systems.com
• Binvis — https://binvis.io
• JoeSandbox — https://www.joesandbox.com
• ANY.RUN — https://any.run
• Verexif — https://www.verexif.com/en/
• Any Run (app) — https://app.any.run
• Name OSINT — https://namechk.com
• Reverse Shell Generator — https://www.revshells.com
• Rainbow Tables (Hashes) — https://hashes.com/en/decrypt/hash
• Breach Directory — https://breachdirectory.org
• MD5 Decrypt — https://md5decrypt.net/en/Sha1
• File Signatures ("Magic Numbers") — https://en.wikipedia.org/wiki/Magic_number_(programming)
• List of File Signatures — https://en.wikipedia.org/wiki/List_of_file_signatures
• CyberChef — https://gchq.github.io/CyberChef
• explainshell — https://explainshell.com
• Epoch Converter — https://www.epochconverter.com

For OSINT tools visit our repository: My-OSINT


1.04 Forensic tools

Forensics Tools Catalogues

Evidence Project - https://www.dftoolscatalogue.eu

NIST - https://toolcatalog.nist.gov

S&T partners and NIST - Computer Forensic Tool Testing (CFTT) - https://www.dhs.gov/science-and-technology/nist-cftt-reports

Some tools

Image and video upscaling programs

• ImageJ
• Upscalers

Encryption workarounds:

  1. Find the key.
  2. Guess the key.
  3. Compel the key.
  4. Exploit a flaw in the encryption software.
  5. Access plaintext while the device is in use.
  6. Locate another plaintext copy.

Extraction Methods

Encryption:
  • Seize the encrypted files and decrypt them using a password or key and the appropriate decryption software; OR
  • Seize the data while it is in an unencrypted state.

Virtualization:
  • Seize the virtual image file and open it with the correct password; OR
  • Log into the virtual machine and seize the data while the virtual machine is turned on and in an unencrypted state.

Relational Database:
  • Seize all the files containing records. Obtain a copy of the database software and rebuild the database; OR
  • Log into the database while it is live and employ the application used to create and manage the database as a search tool. Download the data using the method allowed by the application, either in the form of printouts or data files.

1.05 Cryptography

Encryption Workarounds

Visit our repo tree: 3.DOCUMENTS/Encryption

Encryption workarounds:

  1. Find the key.
  2. Guess the key.
  3. Compel the key.
  4. Exploit a flaw in the encryption software.
  5. Access plaintext while the device is in use.
  6. Locate another plaintext copy.

Bruteforce

Read the thread Brute Force Attacks


Cryptanalysis

Visit our repo tree: 3.DOCUMENTS/Cryptanalysis

Steganography


1.06 Memory analysis

Volatile memory analysis

• Volatility
https://www.volatilityfoundation.org/releases
• Linux Memory Extractor (LiME)
https://github.com/504ensicsLabs/LiME
• Cobalt Strike in memory
https://andreafortuna.org/2020/11/22/how-to-detect-cobalt-strike-activity-in-memory-forensics/

JTAG, Chip-off and ISP forensics

https://www.teeltech.com/ufaqs/what-is-jtag-chip-off-and-isp
https://www.cellebritelearningcenter.com/mod/page/view.php?id=11903
https://www.fletc.gov/jtag-chipoff-smartphones-training-program
https://www.gillware.com/phone-data-recovery-services/jtag-chip-off-forensics
https://www.gillware.com/phone-data-recovery-services/chip-off-forensics-services

Researching support for phones in JTAG software

https://octoplusbox.com
https://medusabox.com
https://www.riffbox.org
https://easy-jtag.com
https://z3x-team.com

1.07 Cryptocurrencies analysis

Cryptocurrencies analysis

https://github.com/OffcierCia/On-Chain-Investigations-Tools-List
https://github.com/aaarghhh/awesome_osint_criypto_web3_stuff
https://blocksherlock.com/home/blockchain-explorers
https://tronscan.org
https://etherscan.io
https://algoexplorer.io
https://explorer.solana.com
https://stellar.expert
https://snowtrace.io
https://flowscan.org
https://polygonscan.com

Some tools

https://github.com/demining/CryptoDeepTools
https://github.com/demining/bitcoindigger
https://github.com/demining/Dao-Exploit
https://github.com/immunefi-team/Web3-Security-Library/blob/main/Tools/README.md#blockchain-analysis

Private sector

https://chainalysis.com
https://elliptic.co
https://ciphertrace.com
https://coinmetrics.io
https://whitestream.io
https://elementus.io
https://trmlabs.com
https://bitok.org/investigations


${\color{Red}\textbf{2.ACTIVE FORENSICS}}$

👷🛠️UNDER CONSTRUCTION🚧🏗

2.01 Police hacking

Visit our repo tree: 4.POLICE_HACKING

The Cyber Kill Chain

• MITRE ATT&CK — ICS Techniques
https://attack.mitre.org/techniques/ics

• MITRE ATT&CK — Enterprise Techniques
https://attack.mitre.org/techniques/enterprise/

• MITRE ATT&CK — Mobile Techniques
https://attack.mitre.org/techniques/mobile/

• OWASP MAS - Mobile Application Security
https://mas.owasp.org

• Training

∙ Rootme — https://www.root-me.org
∙ Vulnhub — https://www.vulnhub.com
∙ Hacker101 — https://www.hacker101.com
∙ Crackmes — https://crackmes.one
∙ Attack Defense — https://attackdefense.com

• Some Cases


∙ Omerta Digital (FBI Honey Pot?)
https://www.omertadigital.com/
∙ Case: ANON (also stylized as AN0M or ΛNØM)
https://en.wikipedia.org/wiki/ANOM
https://www.vice.com/en/article/n7b4gg/anom-phone-arcaneos-fbi-backdoor
∙ Case: EncroChat
https://en.wikipedia.org/wiki/EncroChat
https://eucrim.eu/news/germany-federal-court-of-justice-confirms-use-of-evidence-in-encrochat-cases
https://xperylab.medium.com/the-dark-phones-encrochat-criminals-are-building-their-own-communication-system-474f3aeef759
∙ Case: Pegasus Spyware (NSO Group)
https://theintercept.com/2021/07/27/pegasus-nso-spyware-security
∙ Case: Verint
https://wikileaks.org/spyfiles/docs/VERINT_2012_AvneTurn_en.html
https://www.reddit.com/r/InfoSecNews/comments/sxxzju/leaktheanalyst_group_leak_critical_data_from/
∙ Case: Phantom Secure
https://en.wikipedia.org/wiki/Phantom_Secure
https://www.vice.com/en/article/v7m4pj/the-network-vincent-ramos-phantom-secure
∙ Case: Sky Global
https://en.wikipedia.org/wiki/Shutdown_of_Sky_Global
∙ Case: Bundestrojaner
https://en.wikipedia.org/wiki/Bundestrojaner
∙ Case: Magic Lantern
https://en.wikipedia.org/wiki/Magic_Lantern_(software)
https://github.com/bibanon/bibanon/blob/0b84bb23794c91c238a5601403898b61b5d193fc/Encyclopedia/History/Events/Pifts.md?plain=1#L125
∙ Case: Cryptophon
https://en.wikipedia.org/wiki/Tron_(hacker)#Cryptophon
∙ Planting Tiny Spy Chips in Hardware Can Cost as Little as $200
https://www.wired.com/story/plant-spy-chips-hardware-supermicro-cheap-proof-of-concept
∙ Installation of beacon implants
https://arstechnica.com/tech-policy/2014/05/photos-of-an-nsa-upgrade-factory-show-cisco-router-getting-implant
∙ The tricky issue of spyware with a badge: meet ‘policeware’
https://arstechnica.com/information-technology/2007/07/will-security-firms-avoid-detecting-government-spyware
∙ Analysis of the legislation and case law on the state trojan ("captatore informatico") and an explanation of the Exodus case
https://www.dirittoconsenso.it/2021/11/11/captatore-informatico-trojan-di-stato
∙ LightEater Demo: Stealing GPG keys/emails in Tails via remote firmware infection
https://www.youtube.com/watch?v=sNYsfUNegEA
∙ KeyGrabber Forensic Keylogger
https://www.youtube.com/watch?v=6JJo8qCYE8M


2.02 Law Enforcement Agency (LEA)

• Rule of Law Benchmarks

*First of all, consult court cases to see how laws are (mis)applied.

Security Bodies (Judiciary Police)

• Conduct criminal investigations, carrying out whatever steps they deem appropriate to elucidate the facts, with a view to discovering evidence of the existence of the crime and indications of its authorship.
• Criminal police bodies act as a precautionary measure, such as when preserving evidence or in the case of a flagrant crime.
• Have an obligation to preserve the confidentiality of the investigation; therefore the right to adversarial proceedings is limited.
• In general, the investigation is already a procedural phase.

Administration of Justice (Criminal Procedural Law)

• In general, the criminal investigation can be directly initiated by other institutions, such as the Public Prosecutor's Office.
• Full exercise of the right to adversarial proceedings.
• Follows due legal process, the criminal procedural law.

Intelligence Services

• Production of knowledge, with production of intelligence reports, to support decision making.
• Their main objectives are to collect information and provide analyses, as well as to anticipate and counteract external threats.
• Compartmentalization principle: the production of information is separate from decision making; it ensures no single spy knows everything, so that if they are captured, spies will not know enough to compromise a mission.
• In general, intelligence activity does not follow due legal process; intelligence agencies do not conduct criminal proceedings, although they can combat terrorism.
• Related to military activities of national defense and conquest against foreign enemies.

*Informational separation of powers: in Germany, where the Gestapo of National Socialism existed, the separation between intelligence (knowledge) and police (power) was one of the denazification measures imposed by the allies in 1949.

*There is some controversy as to whether intelligence can be considered security.

• International Law

∙ UN — Library of Resources
https://www.unodc.org/e4j/en/resdb/index.html

∙ UN — Course Catalogue
https://www.unodc.org/elearning/en/courses/course-catalogue.html

∙ ICRC - Cyber operations during armed conflicts
https://www.icrc.org/en/war-and-law/conduct-hostilities/cyber-warfare

∙ ICRC - New technologies and IHL
https://www.icrc.org/en/war-and-law/weapons/ihl-and-new-technologies

∙ The Cyber Law Toolkit - The intersection of international law and cyber operations
https://cyberlaw.ccdcoe.org/wiki/Main_Page

∙ Budapest Convention (Cybercrime)
https://www.coe.int/en/web/cybercrime/the-budapest-convention

∙ Octopus Project
https://coe.int/en/web/cybercrime/octopus-project

PUBLIC INTERNATIONAL LAW

LAWS OF WAR

∙ "Jus ad bellum": the international rules pertaining to the extent to which the use of military force against another state is allowed.
∙ "Jus in bello": the international rules pertaining to how armed conflict must be conducted.
∙ Occupation and "Jus post bellum": justice at the end of the war, which helps move from conflict to peace: reasonable peace treaties, protection of the civilian population, prosecution of leaders who broke the Hague/Geneva laws, reconstruction of cities.

LAWS OF PEACE

∙ Human Rights Law: the International Bill of Human Rights; treaties and conventions; covenants and declarations.

Jus ad bellum

Charter of the United Nations. Chapter VII — Action with respect to Threats to the Peace, Breaches of the Peace, and Acts of Aggression - Article 51

“Nothing in the present Charter shall impair the inherent right of individual or collective self-defence if an armed attack occurs against a Member of the United Nations, until the Security Council has taken measures necessary to maintain international peace and security. Measures taken by Members in the exercise of this right of self-defence shall be immediately reported to the Security Council and shall not in any way affect the authority and responsibility of the Security Council under the present Charter to take at any time such action as it deems necessary in order to maintain or restore international peace and security.”

Jus in Bello

Protocol Additional to the Geneva Conventions of 12 August 1949, and relating to the Protection of Victims of International Armed Conflicts (Protocol I)

“Article 3 of the Geneva Conventions and Article 44 Additional Protocol I
In order to promote the protection of the civilian population from the effects of hostilities, combatants are obliged to distinguish themselves from the civilian population while they are engaged in an attack or in a military operation preparatory to an attack. Recognizing, however, that there are situations in armed conflicts where, owing to the nature of the hostilities an armed combatant cannot so distinguish himself, he shall retain his status as a combatant, provided that, in such situations, he carries his arms openly:

(a) During each military engagement, and

(b) During such time as he is visible to the adversary while he is engaged in a military deployment preceding the launching of an attack in which he is to participate.

(c) Acts which comply with the requirements of this paragraph shall not be considered as perfidious within the meaning of Article 37, paragraph 1.”

References:
UN - https://legal.un.org/repertory/art1.shtml
ICRC - https://www.icrc.org/en/document/what-are-jus-ad-bellum-and-jus-bello-0
ICRC - https://ihl-databases.icrc.org/en/ihl-treaties/api-1977?activeTab=undefined
ICRC - https://casebook.icrc.org/a_to_z/glossary/direct-participation-hostilities

• Council of Europe — Cybercrime

∙ Cybercrime — https://www.coe.int/cybercrime
∙ GLACY+ — https://coe.int/en/web/cybercrime/glacyplus
∙ iPROCEEDS-2 — https://coe.int/en/web/cybercrime/iproceeds-2
∙ Octopus Project — https://coe.int/en/web/cybercrime/octopus-project
∙ CyberSouth — https://coe.int/en/web/cybercrime/cybersouth
∙ CyberEast — https://coe.int/en/web/cybercrime/cybereast

• Publications

• Investigatory Powers — Criminal Law

Americas

∙ US — Federal Rules — Criminal Procedure — Overview — Link
∙ US — Federal Rules — Criminal Procedure — Rule 41 — Search and Seizure — Link

Where the data is and what process applies:

∙ On a network in a single district: search under Rule 41; consider noting in the affidavit the possibility of other locations.
∙ On a network in multiple districts: multiple search warrants, one for each district holding data, or a §2703 warrant served on the service provider.
∙ On a network with data stored internationally: use the legal process required in the country hosting the data, or consider accessing the data remotely with a search warrant under Rule 41.
∙ Unknown where the data is stored (cloud): search under Rule 41 for the subject computers, and concurrently search under §2703 served on the service provider.
European Union

∙ EU — Criminal procedural laws across the European Union – A comparative analysis — Link
∙ UK — Crime, justice and law — Law and practice — Link
∙ UK — Public General Acts — Investigatory Powers Act 2016 — Link
∙ DE — German Criminal Code (Strafgesetzbuch — StGB) — Link
∙ DE — German Code of Criminal Procedure (Strafprozeßordnung — StPO) — Link
∙ DE — German Code of Criminal Procedure - StPO, Section 100a - Telecommunications surveillance — Link
∙ DE — Law on the Federal Criminal Police Office and cooperation between the federal and state governments in criminal police matters (Federal Criminal Police Office Act - BKAG) - § 49 Covert intervention in information technology systems — Link

Court Cases

∙ UNODC — Case Law Database — https://sherloc.unodc.org/cld/v3/sherloc/cldb/index.html?lng=en
∙ UNODC — Cyber Organized Crime — https://www.unodc.org/e4j/en/cybercrime/module-13/additional-teaching-tools.html

Americas

∙ US Federal Cases — https://pacer.uscourts.gov/find-case
∙ US DOJ - Computer Crime and Intellectual Property Section (CCIPS) - https://www.justice.gov/criminal/criminal-ccips
∙ US FBI - Internet Crime Complaint Center (IC3) - https://www.ic3.gov
∙ Computer Crime Research Center - https://www.crime-research.org

European Union

∙ EUR-Lex https://eur-lex.europa.eu/homepage.html
∙ EU Common Portal of Case Law — https://network-presidents.eu/cpcl
∙ Casetext (Thomson Reuters) - https://casetext.com
∙ Council of Europe - COE Cybercrime - https://www.coe.int/en/web/cybercrime
∙ Council of Europe - Octopus Cybercrime Community - Materials - https://www.coe.int/en/web/octopus/training

Architecture

The Five, Nine, & Fourteen Eyes surveillance alliance includes the following countries:

Country | Five Eyes | Nine Eyes | Fourteen Eyes | Other
United Kingdom | ✔️ | ✔️ | ✔️ |
United States | ✔️ | ✔️ | ✔️ |
Australia | ✔️ | ✔️ | ✔️ |
Canada | ✔️ | ✔️ | ✔️ |
New Zealand | ✔️ | ✔️ | ✔️ |
Denmark | | ✔️ | ✔️ |
Netherlands | | ✔️ | ✔️ |
France | | ✔️ | ✔️ |
Norway | | | ✔️ |
Germany | | | ✔️ |
Belgium | | | ✔️ |
Spain | | | ✔️ |
Sweden | | | ✔️ |
Italy | | | ✔️ |
Israel | | | | ✔️
Japan | | | | ✔️
Singapore | | | | ✔️
South Korea | | | | ✔️

"Apart from these methods of cooperation, there are a number of equally secretive bilateral and multilateral agreements in other regions of the globe – such as the Club of Berne (an intelligence-sharing arrangement among the EU intelligence services) and the Shanghai Cooperation Organizations (an affiliation among the People’s Republic of China (‘China’), India, Kazakhstan, Kyrgyzstan, Pakistan, the Russian Federation (‘Russia’), Tajikistan and Uzbekistan) – together with intelligence exchange arrangements within a group of states comprising Russia, Iraq, Iran and Syria to facilitate the fight against the Islamic State."

(Ref.: WATT, Eliza. State Sponsored Cyber Surveillance: The Right to Privacy of Communications and International Law. Edward Elgar Publishing, 2021.)


2.03 Liability for Contents

TorrentFreak

https://torrentfreak.com
https://torrentfreak.com/category/lawsuits
https://torrentfreak.com/category/law-politics

TorrentFreak - Newsletter

https://torrentfreak.com/subscriptions
https://t.me/torrentfreaks
https://defcon.social/@torrentfreak
https://torrentfreak.com/feed

2.04 Tor Fingerprint

Tor Fingerprint

∙ TOR Fingerprinting — https://blog.torproject.org/browser-fingerprinting-introduction-and-challenges-ahead
∙ Attacks on Tor — https://github.com/Attacks-on-Tor/Attacks-on-Tor
∙ EFF Test — https://coveryourtracks.eff.org/learn

Hacker Cases



2.05 Forensics Footprints

Forensics Footprints

https://github.com/PaulNorman01/Forensia


2.06 Supply Chain Attack

Supply Chain Attack

• https://reproducible-builds.org
• https://github.com/SAP/risk-explorer-for-software-supply-chains
• https://github.com/ossillate-inc/packj

2.07 APT & Cybercriminal Campaign Collections

APT & Cybercriminal Campaign Collections

https://attack.mitre.org/groups
https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections


2.08 Man In The Middle (MitM)

Man In The Middle (MitM)

• https://github.com/frostbits-security/MITM-cheatsheet
• https://github.com/mitmproxy/mitmproxy
• https://mitmproxy.org
• https://github.com/andreafortuna/MITMInjector
• https://github.com/KoreLogicSecurity/wmkick
• https://github.com/jakev/mitm-helper-wifi
• https://github.com/jakev/mitm-helper-vpn

2.09 Network Analysis (SIGINT)

Network Analysis

• Snort — https://github.com/snort3
• Wireshark — https://www.wireshark.org
• NMAP — https://nmap.org

Live System Based

Security Onion

Network Security Toolkit


2.10 Metadata

Metadata

∙ ExifTool — https://github.com/exiftool/exiftool
∙ PhotoDNA — https://anishathalye.com/inverting-photodna
∙ Geo-tags — https://tool.geoimgr.com


2.11 Reverse Engineering

Reverse Engineering

https://github.com/alphaSeclab/awesome-reverse-engineering

Ghidra

https://ghidra-sre.org


2.12 Social Engineering (HUMINT)

Social Engineering



${\color{Yellow}\textbf{PHONE SNIFFING}}$

• DEFCON Safe Mode - Cooper Quintin - Detecting Fake 4G Base Stations in Real-Time
https://www.youtube.com/watch?v=siCk4pGGcqA
• SRLabs - Warn you about threats like fake base stations (IMSI Catchers)
https://github.com/srlabs/snoopsnitch
• Android IMSI-Catcher Detector (suspended)
https://github.com/CellularPrivacy/Android-IMSI-Catcher-Detector
• Telecom Exploits - Signalling System 7 (SS7)
https://github.com/SigPloiter/SigPloit
• Telecom Exploits - HLR Lookups
https://github.com/SigPloiter/HLR-Lookups

Phone Surveillance Exposed

NAME | MEANING
IMEI | International Mobile Equipment Identity
IMSI | International Mobile Subscriber Identity
MCC | Mobile Country Code
MNC | Mobile Network Code
MSIN | Mobile Subscription Identification Number
ICCID | Integrated Circuit Card Identifier
MSID | Mobile Station ID
GSM | Global System for Mobile Communications
SIM Card | Subscriber Identity Module Card
SMS | Short Message/Messaging Service
SDR | Software-Defined Radio

Useful Websites

— OpenCellID — Link
— Cell Tower Locator (Cell2GPS) — Link
— Cell Phone Trackers — Link
— International Numbering Plans — Link
— GSM World Coverage Map and GSM Country List — Link
— IMEI Info — https://www.imei.info
— GSMArena Phones Ref. — https://www.gsmarena.com
— Phonescoop Phones Ref. — https://www.phonescoop.com
— Cell Towers — https://opencellid.org

Information & Explanations

— IMSI-catcher — Link
— GSM frequency bands — Link
— List of software-defined radios — Link

Useful Apps

— Mobile Software
  — AIMSICD — Link
  — SnoopSnitch — Link
— Desktop Software
  — GsmEvil 2 — Link
  — IMSI-catcher — Link

Equipment

GSM 900 / GSM 1800 MHz are used in most parts of the world: Europe, Asia, Australia, Middle East, Africa.
GSM 850 / GSM 1900 MHz are used in the United States, Canada, Mexico and most countries of S. America.

— SDR
  — RTL-SDR (65 MHz–2.3 GHz) — Link
— Antenna
  — Antenna — Link
— Catching IMSI Catchers — Link

GSM Sniffing Install/Setup Guide

Install

$ sudo apt install python3-numpy python3-scipy python3-scapy gr-gsm
$ git clone https://github.com/Oros42/IMSI-catcher && cd IMSI-catcher
$ sudo grgsm_livemon                            # terminal 1: keep the receiver running
$ sudo python3 simple_IMSI-catcher.py --sniff   # terminal 2: reads the decoded frames

GSM Install Error? Try this!

$ sudo apt-get install -y \
cmake \
autoconf \
libtool \
pkg-config \
build-essential \
docutils \
libcppunit-dev \
swig \
doxygen \
liblog4cpp5-dev \
gnuradio-dev \
gr-osmosdr \
libosmocore-dev \
liborc-0.4-dev

$ gnuradio-config-info -v

Tips

$ sudo grgsm_scanner -l  # List the connected SDRs.
$ sudo grgsm_scanner     # Scan for cell towers near you.
$ sudo grgsm_livemon     # Live radio monitoring.


${\color{Green}\textbf{BRUTE FORCE ATTACKS}}$

Brute Force Attacks

The speed at which your password is cracked depends on the entropy of your password and the power of the computer.

Computer programs used for brute force attacks can check anywhere from 10,000 to 1 billion passwords per second. A Pentium 100 can try 10,000 passwords a second. A supercomputer can try 1,000,000,000 per second.

Complex sheet:

Simplified sheet:

Types of brute force attacks

Simple Brute Force Attack

The attacker relies on trying out commonly used, weak passwords such as 123456, qwerty, admin, changeme, qazwsxedc etc.

Dictionary attack

Software makes thousands of guesses every second, drawing its candidates from dictionary databases, hence the name of the attack.

Hybrid Brute Force Attack

A hybrid attack is used once the attacker already knows the username of the target.

Reverse Brute Force Attack

A reverse brute force attack requires the attacker to know the password beforehand and then attempt to guess the username.

Credential stuffing

Hackers can get entire databases of stolen login credentials and then try to apply them to the account they’re trying to access. This kind of attack can be especially devastating if the attacked user reuses passwords across multiple accounts.

Rainbow Table Attack

A rainbow table attack is a method of password cracking that employs rainbow tables to recover passwords from the hashes in a stolen database. Websites or apps don’t store passwords in plain text; instead, they store a hash of each password. When a password is used for logging in, it is immediately hashed, and the server checks whether the result matches the previously stored hash. If the two hashes match, the user is authenticated. Rainbow tables are precomputed tables of hashes and the passwords that produce them, which let an attacker look up a stolen hash instead of recomputing every guess.
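The following is an added example, not part of the original README or of any tool it lists: it shows why the lookup described above works against fast unsalted hashes, and why a per-user salt with a slow KDF removes the precomputed table's value. The word list, the SHA-256/PBKDF2 choice and the round count are constructed for illustration.

```python
import hashlib
import hmac
import os

# Constructed word list standing in for a leaked "dictionary database" of weak passwords.
WORDLIST = ["123456", "qwerty", "admin", "changeme", "qazwsxedc", "letmein"]
PBKDF2_ROUNDS = 100_000  # assumption: illustrative value, not a tuned production setting


def unsalted_hash(password: str) -> str:
    """The weak scheme: one fast, unsalted SHA-256 (same input always gives the same hash)."""
    return hashlib.sha256(password.encode()).hexdigest()


def build_lookup_table(words) -> dict:
    """Precomputed hash -> password mapping. A real rainbow table stores compressed hash
    chains rather than every pair, but the property that matters to a defender is the same:
    once built, a stolen unsalted hash is reversed by a lookup, not by fresh guessing."""
    return {unsalted_hash(w): w for w in words}


def reverse_hash(table: dict, stolen_hash: str):
    """Return the password that produced `stolen_hash`, or None if it is not in the table."""
    return table.get(stolen_hash)


def salted_hash(password: str, salt=None) -> str:
    """The hardened scheme: per-user random salt plus a slow KDF (PBKDF2-HMAC-SHA256).
    Stored as 'salt_hex$digest_hex' so the salt travels with the hash."""
    salt = os.urandom(16) if salt is None else salt
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)
    return salt.hex() + "$" + digest.hex()


def verify_salted(password: str, stored: str) -> bool:
    """Login-time check: re-derive with the stored salt and compare in constant time."""
    salt_hex, digest_hex = stored.split("$")
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode(),
                                    bytes.fromhex(salt_hex), PBKDF2_ROUNDS)
    return hmac.compare_digest(candidate.hex(), digest_hex)


if __name__ == "__main__":
    table = build_lookup_table(WORDLIST)
    print("unsalted qwerty ->", reverse_hash(table, unsalted_hash("qwerty")))  # qwerty
    stored = salted_hash("qwerty")
    # Same password, but the table was never built with this salt: nothing to look up.
    print("salted qwerty   ->", reverse_hash(table, stored.split("$")[1]))  # None
    print("login ok        ->", verify_salted("qwerty", stored))  # True
```

Two users with the same password get different stored values because each salt is random, so one precomputed table cannot serve the whole database.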

Multi Factor Authenticator (MFA) or Two-factor Authenticator (2FA)

Set up MFA whenever possible. It's an extra layer of security that requires additional steps to verify the user's identity.

Encryption workarounds:

  1. Find the key.
  2. Guess the key.
  3. Compel the key.
  4. Exploit a flaw in the encryption software.
  5. Access plaintext while the device is in use.
  6. Locate another plaintext copy.


Sites of Interest

General Publications

• CVE Alerting Platform
https://github.com/opencve/opencve
• The Hacker News — Newsletter
https://thehackernews.com/#email-outer
• Black Hat
https://blackhat.com
• ZDnet
https://www.zdnet.com
• Bleeping Computer
https://www.bleepingcomputer.com
• Wired News
https://www.wired.com
• The Register
https://www.theregister.com
• Secure List by Kaspersky — Newsletter
https://securelist.com
• Forensic Focus — Newsletter
https://www.forensicfocus.com
• SANS Institute — Newsletter
https://www.sans.org
• Debian Security Announce
https://lists.debian.org/debian-security-announce
• Cert Coordination Center
https://www.cert.org
• DoD Instructions Cybersecurity
https://www.esd.whs.mil/dd/
• Computer World
https://computerworld.com
• InfoWorld
https://www.infoworld.com
• InformationWeek
https://www.informationweek.com
• TechRepublic
https://www.techrepublic.com
• Sophos
https://sophos.com
• TechWorld
https://www.techworld.com
• Infosec Institute
https://resources.infosecinstitute.com
• Government Executive Magazine
https://govexec.com
• E Security Planet
https://www.esecurityplanet.com
• Help Net Security
https://www.helpnetsecurity.com
• Information Security Magazine
https://searchsecurity.techtarget.com
• Network World Fusion
https://www.nwfusion.com
• Federal Computer Week Security News
https://fcw.com/Home.aspx
• Government Computer News IT Security
https://gcn.com/Home.aspx
• IA Technology Analysis Center
https://iac.dtic.mil/csiac
• Overseas Security Advisory Council
https://www.osac.gov
• SANS Internet Storm Center
https://isc.sans.edu
• Search Security
https://searchsecurity.techtarget.com
• News Factor
https://www.newsfactor.com
• Security Focus
https://www.securityfocus.com/news
• New Scientist
https://www.newscientist.com/section/news
• Silicon Valley
https://www.siliconvalley.com
• TechWeb
https://www.techweb.com
• USA Today
https://www.usatoday.com/tech
• The Intercept
https://theintercept.com
• Reuters
https://www.reuters.com/news
• Aljazeera
https://www.aljazeera.com
• Gulf News
https://gulfnews.com
• China Official Publications
https://english.www.gov.cn
• North Korea Official Publications
http://www.kcna.kp/en
• Israel Official Publications
https://www.gov.il/en
• Iran Official Publications
https://irangov.ir/en

Forensic Publications

• Run a Google Scholar search on a subject that you want to follow up on.

• Search parameters example:

police hacking intext:ilegal intext:abusive intext:law

• You can set keyword alerts: https://scholar.google.com/scholar_alerts?view_op=list_alerts


Open access journals

https://en.wikipedia.org/wiki/List_of_academic_databases_and_search_engines
https://en.wikipedia.org/wiki/Lists_of_academic_journals
https://en.wikipedia.org/wiki/List_of_open-access_journals


• Science Direct — Forensic Science International: Digital Investigation
https://www.sciencedirect.com/journal/forensic-science-international-digital-investigation
• Science Direct — Computer Law & Security Review
https://www.sciencedirect.com/journal/computer-law-and-security-review
• Forensic Science — Application of science to criminal and civil laws
https://www.forensicscijournal.com
• University of London - SAS Open Journals - Digital Evidence and Electronic Signature Law Review
https://journals.sas.ac.uk/deeslr/
• IEEE Intelligence and Security Informatics (IEEE-ISI)
https://ieee-isi.org
• USENIX Conferences
https://www.usenix.org/conferences
• International Journal of Intelligence and CounterIntelligence
https://www.tandfonline.com/journals/ujic20
• Information Security Journal: A Global Perspective
https://www.tandfonline.com/journals/uiss20
• Policing and Society — An International Journal of Research and Policy
https://www.tandfonline.com/journals/gpas20
• Police Practice and Research — An International Journal
https://www.tandfonline.com/journals/gppr20
• Journal of Applied Security Research
https://www.tandfonline.com/journals/wasr20
• Information Systems Security
https://www.tandfonline.com/journals/uiss19
• Journal of Computer Information Systems
https://www.tandfonline.com/journals/ucis20
• Australian Journal of Forensic Sciences
https://www.tandfonline.com/journals/tajf20
• Advancing Technology, Research and Collaboration
https://www.acm.org/conferences
• The APWG Symposium on Electronic Crime Research (APWG eCrime)
https://ecrimeresearch.org
• Communications in Computer and Information Science — Springer
https://www.springer.com/series/7899
• IEEE Open Journal of Circuits and Systems
• IEEE Open Journal of the Communications Society
• IEEE Open Journal of the Computer Society
• IEEE Open Journal of Signal Processing

Law Publications

• German Law Research - Harvard Law School Library Research Services
https://guides.library.harvard.edu/GermanLaw
• The German Law Journal (open-access) - Cambridge University Press
https://www.cambridge.org/core/journals/german-law-journal
• Foreign Law Translations - The University of Texas at Austin
https://law.utexas.edu/transnational/foreign-law-translations
• The Center for Security and Emerging Technology (CSET) - Georgetown University's Walsh School of Foreign Service
https://cset.georgetown.edu
• European Journal of Criminology
https://journals.sagepub.com/home/euc
• European Journal of Law and Technology
https://ejlt.org/index.php/ejlt
• https://www.sciencedirect.com/journal/computer-fraud-and-security
• Digital Evidence and Electronic Signature Law Review
https://journals.sas.ac.uk/deeslr/issue/view/596
• https://www.tandfonline.com/journals/cirl20
• https://openyls.law.yale.edu
• https://dltr.law.duke.edu
• https://scholarlycommons.law.northwestern.edu/njtip/
• Ohio State Technology Law Journal (Moritz College of Law)
https://kb.osu.edu/communities/a3767fe3-6fcd-5776-bbe7-44d144fb641a
• https://scholar.smu.edu/smulr
• AIDP-IAPL Publications
https://www.penal.org/en/aidp-iapl-publications

• Necessary and Proportionate - https://www.necessaryandproportionate.org
• Privacy International - https://www.privacyinternational.org
• EFF - https://www.eff.org
• EPIC - https://epic.org/issues/surveillance-oversight
• S&S - https://ojs.library.queensu.ca/index.php/surveillance-and-society/index
• Citizenlab - https://citizenlab.ca
• BBW - https://bigbrotherwatch.org.uk
• Bugged Planet - http://buggedplanet.info
• CIS - https://cyberlaw.stanford.edu
• The Berkman Klein Center for Internet & Society at Harvard University - https://cyber.harvard.edu
• Carnegie Endowment for International Peace - https://carnegieendowment.org/publications/interactive/cybernorms
• Bad Internet Bills - https://www.badinternetbills.com
• Software Freedom Law Center - https://softwarefreedom.org
• Techdirt - https://www.techdirt.com
• Intelligence Oversight - https://www.intelligence-oversight.org
• UN Internet Governance Forum - https://www.intgovforum.org
• The IT Law Wiki - https://itlaw.fandom.com
• Computer Crime Research Center - https://www.crime-research.org
• Internet Crime Complaint Center (IC3) - https://www.ic3.gov/Home/AnnualReports
• ETSI - https://www.etsi.org/committees
• The Bureau of Investigative Journalism - https://www.thebureauinvestigates.com

• https://www.fbi.gov
• https://www.justice.gov/news
• https://www.justice.gov/criminal/cybercrime
• https://www.coe.int/en/web/cybercrime
• https://www.sherloc.unodc.org
• https://www.enisa.europa.eu
• https://csrc.nist.gov

• https://www.computerweekly.com
• https://www.vice.com/en/section/tech
• https://copsincyberspace.wordpress.com

Intelligence, Conflict, and Warfare Publications

• The NATO Cooperative Cyber Defence Centre of Excellence
https://ccdcoe.org
• Taylor & Francis - Intelligence and National Security - Open access articles
https://www.tandfonline.com/action/showOpenAccess?journalCode=fint20
• The Journal of Intelligence, Conflict, and Warfare
https://journals.lib.sfu.ca/index.php/jicw/issue/archive
• DCAF - Geneva Centre for Security Sector Governance
https://www.dcaf.ch/resources?type=publications
• CIA.gov - Center for the study of intelligence
https://www.cia.gov/resources/csi/studies-in-intelligence
• E-International Relations - Open access scholarly books
https://www.e-ir.info/publications
• Springer Open
https://www.springeropen.com
• International Security
https://direct.mit.edu/isec
• Carnegie Endowment for International Peace
https://carnegieendowment.org
• RIEAS
https://rieas.gr


YouTube Conferences

https://www.youtube.com/@BlackHatOfficialYT
https://www.youtube.com/@DEFCONConference
https://www.youtube.com/@mediacccde
https://www.youtube.com/@DFRWS
https://www.youtube.com/@SANSForensics
https://www.youtube.com/@SANSOffensiveOperations
https://www.youtube.com/@RSAConference
https://www.youtube.com/@USENIXEnigmaConference
https://www.youtube.com/@DebConfVideos
https://www.youtube.com/@hitbsecconf
https://www.youtube.com/@44contv
https://www.youtube.com/@OffensiveCon
https://www.youtube.com/@secwestnet
https://www.youtube.com/@EkopartyConference
https://www.youtube.com/@reconmtl
https://www.youtube.com/@TROOPERScon
https://www.youtube.com/@MCH2022NL
https://www.youtube.com/@mentalOutlaw
https://www.youtube.com/@Seytonic
https://www.youtube.com/@DoingFedTime
https://www.youtube.com/@UsenixOrg

Others

• Computer Incident Response Center for Civil Society - https://www.civicert.org
https://eforensicsmag.com
https://0x00sec.org
https://csrc.nist.gov/projects
https://nvd.nist.gov
https://www.cisa.gov/news-events/cybersecurity-advisories
https://www.nsa.gov/Press-Room/Press-Releases-Statements
https://www.nsa.gov/ia/mitigation_guidance/security_configuration_guides/index.shtml
https://malware.lu
https://securelist.com
https://www.eucybernet.eu
https://oval.mitre.org
https://www.w3.org/Security/Faq/www-security-faq.html
https://www.nowsecure.com
https://www.htcia.org
https://www.digitalcitizensalliance.org/get-informed/digital-citizens-investigative-reports
https://www.reddit.com/r/InfoSecNews
https://www.reddit.com/r/digitalforensics
https://www.reddit.com/r/computerforensics
https://www.reddit.com/r/antiforensics
https://www.reddit.com/r/Smartphoneforensics
https://www.reddit.com/r/privacy
https://www.reddit.com/r/restorethefourth
https://github.com/yeahhub/Hacking-Security-Ebooks
https://github.com/InfoSecIITR/reading-material

REFERENCES

https://dfrws.org/presentation
https://issworldtraining.com
https://sciencedirect.com/journal/forensic-science-international-digital-investigation
https://sciencedirect.com/journal/computer-law-and-security-review
https://github.com/MISP/misp-training
https://github.com/ail-project/ail-training
https://isc2.org/Certifications/CISSP
https://github.com/connectans/awesome-CISSP-CCSP
https://github.com/jefferywmoore/CISSP-Study-Resources
https://github.com/Syslifters/OffSec-Reporting
https://attack.mitre.org
https://forensicfocus.com
https://ecrimeresearch.org
https://drivebadger.com
https://cellebritelearningcenter.com
https://public.cyber.mil
https://github.com/Cugu/awesome-forensics
https://github.com/shadawck/awesome-anti-forensic
https://github.com/Ignitetechnologies/Mindmap
https://github.com/asiamina/A-Course-on-Digital-Forensics
https://github.com/mikeroyal/Digital-Forensics-Guide
https://github.com/forensicswiki/wiki
https://github.com/Digital-Forensics-Discord-Server/LawEnforcementResources
https://github.com/Digital-Forensics-Discord-Server/TheHitchhikersGuidetoDFIRExperiencesFromBeginnersandExperts
https://github.com/Hack-with-Github/Awesome-Hacking
https://github.com/enaqx/awesome-pentest
https://github.com/onlurking/awesome-infosec
https://github.com/504ensicsLabs


Open Source Agenda is not affiliated with "My Forensics" Project. README Source: RENANZG/My-Forensics