Garrett eDiscovery, Forensic and Legal consultants conduct thorough and effective computer investigations of any kind, including intellectual property theft, incident response, compliance auditing and responding to e-discovery requests—all while maintaining the forensic integrity of the data. Read more at http://www.garrettdiscovery.com/

1. Digital InvestigationsDigital Investigations
Presenter: Andrew GarrettPresenter: Andrew Garrett
Garrett Discovery Inc.Garrett Discovery Inc.
Presentation forPresentation for
Private DetectivesPrivate Detectives

2. Why use technology?
Technology
is often the usage and knowledge of tools,
techniques, crafts, systems or methods of organization in
order to solve a problem or serve some purpose
Efficiency
well use of time and effort
Cost
Can reduce cost by obtaining a desired outcome without use
of another less efficient method

3. Cyber Sleuthing
• Using the power of the Internet to gather revealing
information on people and to skip trace (track someone
down)
• For investigators, the web is a broad avenue for informal
discovery, allowing litigators to test a witness’ candor
and probe a litigant’s background and resources.
• Websites (Launch Pad)
– Birthdate: Switchboard.com, whowhere.com,
anywho.com
– Criminal: searchsystems.net
– Gov: firstgov.gov, tray.com

4. Social Networking
• Facebook
By default, when you search for a topic on Facebook, the
results you see will be from your list of contacts; your
"circle of friends", so to speak. If you would like to expand
that circle to include results from anyone who has chosen
to make their Facebook information publicly accessible,
simply click on "Posts By Everyone". This gives you the
option to view information from people who are not
included in your contact list.
• Myspace
• Mylife
• Twitter

5. Fake Social Network Pages
• Find a friend of your subject that doesn’t post a lot
• Copy a few of the pictures of that friend including a profile
picture
• Let’s assume we are cloning the identity of John Doe that is
friends with your subject Jake Harris.
• Add a few of John Doe friends to the Facebook account that are
common friends with Jake Harris
• You now have a believable account!
• Add Jake Harris as a friend and he will most likely just add you!
• Now you have access and can send him an invite to your wedding
and ask for his address if needed.

6. Footprinting
Footprinting is searching for collections of data to be
used with social engineering to gather more
information about your suspect.
In order to understand how to footprint you must
learn how the web search engines work. All search
engines are based on Boolean logic.
Always keep your reference sheet handy until
memorized.

7. Google Footprinting
Operators Description
site: Restrict results to only one domain, or
server
inurl:/allinurl: All terms must appear in URL
intitle:/allintitle: All terms must appear in title
cache: Display Google’s cache of a page
ext:/filetype: Return files with a given
extension/file type
info: Convenient way to get to other
information about a page
link: Find pages that link to the given page
inanchor: Page is linked to by someone using
the term

8. Google Footprinting
Operators Description
- Inverse search operator (hide
results)
~ synonyms
[#]..[#] Number range
* Wildcard to put something
between something when
searching with “quotes”
+ Used to force stop words
OR Boolean operator, must be
uppercase
| Same as OR

9. Surveillance
Technologies
Video Cameras
The video camera is the most valuable piece of
equipment in the PI's arsenal. Video cameras provide
physical documentation of the PI's observations. In a
vehicle, video cameras mount on tripods for mobile
surveillance. For stationary surveillance, video
cameras are hand-held. Video surveillance is
admissible in criminal and civil court and workers'
compensation hearings.
What about the times you cannot see the suspect?
Are there covert cameras?

10. Surveillance Technologies
Pinhole Cameras
Pinhole cameras, button cameras and micro-cameras are small, about the
size of a dime, and placed in a variety of objects for covert surveillance.
Pinhole cameras hide easily within a woman's purse, jacket or shirt
pocket. A number of nondescript items, such as sunglasses and baseball
caps may be purchased with a built-in camera. Pinhole cameras allow a PI
to move about freely and even engage the investigative subject in
conversation.
• Placement
• Practice
• Cost
• Battery Life
• Brickhouse.com stuntcams.com

11. Surveillance
Technologies
Voice Recorders
State and federal wiretapping and eavesdropping laws
govern the use of voice recorders. Recording
telephone conversations is permissible if the call takes
place in a one-party state. A one-party state requires
consent of only one person directly involved in the
conversation. Approximately 12 U.S. states are two-
party states, which require that both parties consent
to the recording. Voice recorders can also record
verbal statements from witnesses, victims and
suspects.
• Practice
• Telephone Taps with consent
• I wish I could record this conversation and “would u
allow me if I had a recorder?”

12. Surveillance Technologies
GPS Systems
Private investigators use live GPS systems to track an investigative target's
movements in real time. The GPS unit attaches to the subject's vehicle;
the PI then uses a computer to observe and document the movements.
Passive GPS systems record the subject's movements. Upon removal of
the unit from the vehicle, the PI is then able to upload the recorded
information to another computer. Data is viewable through a mapping
program.
Cost-Monthly Charge-Mounts
• Brickhouse Security
• Gpsfootprints.com
• Xacttrax.com
• Zoombak.com

13. Surveillance Technologies
Key Loggers
Key loggers record activities on a computer. The key logger plugs into a
USB port on the target's computer and installs a program. The program
records and encrypts information about visited websites and keystrokes.
Retrieving the data requires that the key logger be plugged back into the
USB port; the information uploads directly to the key logger.
• Qualified Computer Tech
• Antivirus
• Spyware Monitoring
• Use of Porn Site Email

14. Social Engineering
• IP-Relay
– IP-relay.com
• Spoofing Phone calls
– Spoofcard.com
– International Calling Cards
– Target Trap

15. Forensics
• Mobile Phone Analysis
– Up to 5000 deleted text messages
• Computer analysis
– Web History
– Facebook Chat Logs
– Instant Messenger Chat Logs
– Reconstruction of web pages
– Passwords

16. Thank you for attending
Questions:
www.garrettdiscovery.com
Office: 217-615-1888