Digital Intelligence and Security Operations Group (DISOG) has an article up on how to start investigating botnets.

The article contains a number of sections:

  • Section 1, The rules of behavior
  • Section 2, Locating binaries
  • Section 3, Extracting information
  • Section 4, Putting it all together
  • Section 5, Moving on
While it is tempting to get involved, keep in mind that most botnets are run by criminals who are trying to make money. There have been several cases where people who got between the criminals and their intended money received (plausible) threats to their personal safety, and to that of their family members.
Also, by engaging with botnets and connecting to potentially infected machines, you are yourself committing criminal acts in many parts of the world.
While the article does mention these points, it goes on to elaborate anyway. It feels a bit like the "oh, I did not know he would actually point the gun at a person and shoot!" line of reasoning. My advice: do not do it! Stay away from botnets, and especially from their operators.
Simple, isn't it?