Looking forward to my second OSMOSIS Institute conference. I’ll be demystifying the darknets. Here’s my session blurb. See you there!

Investigating Darknets – 2019 OSMOSIS Session Topic

Andrew Lewman

Making the theoretical, practical. Darknet technologies are often steeped in deep technical jargon and complex computer science terms. In reality, they’re based on simple concepts anyone can understand. Models like Distributed Hash Tables, JSON, magnet files, BitTorrent protocols. We’ll learn the basic foundations of darknet technologies. We’ll build upon this foundation by getting more into more complex implementations and see how these are deployed in live darknets. We’ll learn basic forensic approaches to understanding darknets as seen on live machines. Throughout all of this will be sprinkled stories and anecdotes from past successful investigations. We’ll dissect how Tor actually works, the difference between VPN mode and hidden service mode. We’ll walk through a more secure darknet workstation for analysts. This will enable us to better investigate sites, collect evidence, and explore with reduced exposure to the darknet.

Learning Objectives:

  • Understanding of the various darknet technologies, tor, i2p, zero net, open bazaar
  • Gain practical experience with darknets
  • Investigate darknets using multiple sources of data



Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s