AXCIA-CYBER-26 – Batch 1: Dark Web and Cryptocurrency

AXCIA-CYBER-26 – Batch 1: Dark Web & Cryptocurrency

Course Description

AXCIA-CYBER-26 – Batch 1: Dark Web & Cryptocurrency is part of the AXCIA – Annual Cyber Exercise for Investigating Agencies, jointly organised by the Cyber Operations Division, Kerala Police and the Indian Institute of Information Technology Kottayam.

This training focuses on the practical and investigative aspects of the Dark Web and Cryptocurrency, enabling participants to understand cybercrime techniques, digital evidence handling, and modern investigation methods. The programme combines expert-led sessions, hands-on laboratory exercises, and controlled practical demonstrations aligned with real-world cybercrime investigations.

Course Details

  • Duration: 20 January 2026 – 24 January 2026

  • Mode: In-person / Lab-based training

  • Target Audience:

    • Investigating Officers

Day-wise LMS Course Structure

Day 1 – Introduction to Dark Web

(20 January 2026)

Topics Covered

  • Surface Web, Deep Web & Dark Web – concepts and differences

  • Real-world investigation examples

  • Why criminals use the Dark Web

  • Types of crimes facilitated

  • Investigation challenges and risks

  • TOR network overview

  • Onion routing (simplified)

  • Legal and ethical considerations

  • Safe browsing practices for investigators

  • Introduction to OSINT

  • TOR Browser demo (sandbox)

  • Open-source Dark Web monitoring tools (dummy data)

Learning Outcome

Participants understand the Dark Web landscape, associated risks, and safe exploration methods.

Day 2 – OPSEC & Secure Investigation Environment

(21 January 2026)

Topics Covered

  • Principles of Operational Security (OPSEC)

  • Common investigator mistakes

  • Safe investigation environments

  • Virtual machines, isolation & air-gapped systems

  • Introduction to TAILS OS

  • Live USB navigation

  • Avoiding traceable activities

Hands-on Sessions

  • Booting TAILS OS

  • TOR Browser usage through TAILS

Learning Outcome

Participants can securely configure investigation systems and apply OPSEC principles effectively.

Day 3 – Dark Web Marketplaces & OSINT

(22 January 2026)

Topics Covered

  • Dark Web forums & marketplaces (dummy setup)

  • Forum structures & communication methods

  • Vendor reputation & escrow systems

  • Identifying red flags and targets

  • Forum searches using TOR

  • OSINT tools

  • Sock puppet accounts (theory)

Hands-on Exercises

  • Exploring dummy marketplaces

  • Creating dummy sock puppet accounts

  • Vendor identification exercise

Learning Outcome

Participants gain confidence in controlled OSINT-based Dark Web investigations.

Day 4 – Cryptocurrency & Forensic Entry Points

(23 January 2026)

Topics Covered

  • PGP encryption basics

  • Criminal usage patterns

  • Blockchain fundamentals

  • Bitcoin, Monero & privacy coins

  • Crypto wallets, mixers & tumblers

  • Transaction tracing basics

Hands-on Sessions

  • PGP encryption and decryption

  • Dummy cryptocurrency wallet creation

  • Transaction analysis

  • Simulated TAILS forensic analysis

Learning Outcome

Participants understand cryptocurrency usage, privacy mechanisms, and forensic entry points.

Day 5 – Onion Services & Final Assessment

(24 January 2026)

Topics Covered

  • Introduction to Onion Services (concept & architecture)

  • Criminal use cases of onion websites

  • Onion website hosting using Kali Linux

  • Investigation workflow, documentation & evaluation briefing

Final Assessment

  • MCQ Test

  • Practical Assessment
    (Batch split into two groups of 40 candidates each)

Learning Outcome

Participants demonstrate practical investigative capability in Dark Web and Cryptocurrency cases.

Assessment & Course Completion

  • MCQ-based evaluation

  • Practical hands-on assessment

  • Course completion based on participation and assessment performance