TRACE LABS WILL BE RUNNING A FULL DAY OSINT CTF FOR MISSING PERSONS AT BSIDES ROCHESTER ON SATURDAY MARCH 21 2020
About this Event:
Trace Labs is a Not-For-Profit organization whose mission is to crowdsource the collection of Open Source Intelligence (OSINT) to generate new leads on active missing persons investigations.
The missing persons issue is getting worse and requires modern and scalable solutions at various levels to help mitigate risk to society. Trace Labs leverages an intelligence platform that enables the of collection of OSINT to power these crowdsourced community CTF events. These CTF events allow missing persons to receive the attention that is needed early in the search process.
For this CTF, contestants can participate as either a Solo Team or a team of up to 4.
Registration for this CTF will take place onsite in the CTF room during the morning of the conference.
How does the CTF work?
For this CTF, 8 missing persons cases will be selected for contestants to collect OSINT on to generate new leads.
This isn’t a typical “Theoretical CTF” where the flags are already known. All flags found by contestants are treated as new intelligence that can serve as a potential lead for an active missing persons investigation.
At the start of the event, contestants will be able to view the 8 missing persons case details by logging into the CTF platform at bsidesto.tracelabs.org with their own credentials.
For each “OSINT Flag” submitted on one of the missing persons that falls into any of the categories listed here, the flag will be validated by one of our Judges prior to awarding points.
Please also review our CTF rules here for first time contestants.
1st Place Prizes:
At the end of the CTF, the team with the most points on the scoreboard will claim first prize of up to 4 Hunchly licenses for each of their team members
How to Prepare for the Event
- Review Trace Labs training video(s)
- Have a personal laptop ready to use
- Note: it is highly recommended to not use a work laptop
- Join our slack group here
- All event communications will take place in our #bsides-roc-2020 channel in our slack group so please do sign up prior!
- Our Secondary method of communication is via our Twitter
- Prepare Your “Work Environment” ahead of time to help you stay anonymous when gathering OSINT on the missing persons at the event
- Recommended to use a virtual machine or run a Linux distribution such as Buscador
- Buscador is a Linux distribution built specifically for OSINT investigations that comes with several pre-installed OSINT tools
- An installation guide for Buscador can be found here: https://null-byte.wonderhowto.com/how-to/use-buscador-osint-vm-for-conducting-online-investigations-0186611/
- Windows and MacOS operating systems will work as well, but you will be responsible for configuring/installing your own tools
- Setup your browsers and plugins such as EXIF Viewer plugins.
- Use a VPN or use TOR. You likely want to hide your trail.
- Setup burner social media accounts (Facebook, LinkedIn, Instagram, Twitter, Google +, etc.) - Not recommended to be logged into your own personal social media account when viewing profiles of missing persons
If you have any questions, please reach out to us at [email protected]