The following contains newly released Digital Forensics, Incident Response, Malware Analysis and OSINT training, books, and tools from June, as well as upcoming live online training for July. Like the Free & Affordable Training Site, everything in this blog post is under $1,000.

Note: Purchases made through affiliate/partner links and/or using personalized discount codes is one of the things I rely on to be able to keep this website running. I am an affiliate or partner of the following companies mentioned in this post and references to them contain affiliate/partner links: CyberDefenders, Hack The Box, Amazon.

NEWLY RELEASED TRAINING, BOOKS, LABS & CHALLENGES FROM JUNE, 2024

Level Effect

Our Cyber Defense CTF is live! Beginner to advanced friendly. Prizes for all levels! Draws on July 15th. 🖥️ Challenges: Networking, Email Security, Log Analysis, Forensics, CTI, Incident Response, Reversing, Crypto, OSINT, Scripting. Join now: https://t.co/N80Yyn378q pic.twitter.com/YD4ZzXS7P6

— Level Effect, LLC. (@Level_Effect) June 28, 2024

Level Effect launched a Cyber Defense CTF with challenges from beginner to advanced. Prizes are available. Challenges include:

• Incident Response
• Forensics
• Log Analysis
• OSINT
• CTI
• Reversing
• Networking
• Crypto
• Scripting

---

LetsDefend

LetsDefend added the following courses and challenges:

• Email Forensics Course (VIP+)
• Practical Windows Forensics Course (VIP+)
• Compromised ICS Device Challenge (Free)
• PHP-CGI (CVE-2024-4577) Challenge (Free)
• Obfuscated RAT Challenge (Free)
• Malicious WordPress Plugin Challenge (Free)

Their VIP+ plan ($39.99/month or $359/year).

---

Hack The Box

Hack The Box released the following free DFIR Sherlocks in June:

• Campfire-1
• Campfire-2
• Fragility
• Lockpick3.0

Check out their blog post on the Active Directory DFIR Sherlock Series starting with Campfire-1.

---

Rajneesh Gupta

Rajneesh Gupta added several Hands-On Projects to GitHub including:

• Linux Forensics Projects for Beginners
• Windows Forensics Projects for Beginners
• Analyzing Windows Sysmon Events for Security Incidents
• Log Analysis Projects for Beginners
• Simple Log Analysis with ELK Stack
• Analyzing Windows Event Logs
• Syslog Log Analysis on Linux Server
• Basic Apache Web Server Log Analysis
• Dark Web Monitoring Projects for Beginners
• YARA Projects for Beginners
• Incident Response Projects for Beginners

---

Memory Forensic

We are excited to announce the release of our latest memory forensic challenge made by our team🔍!

📌 Check it out here: https://t.co/i4QabiXLxO

The best part? Now, you can also submit your answer on the platform to check if you found the right flag or not :)🎉#memoryforensics…

— Memory Forensic (@Memory_Forensic) June 30, 2024

Memory Forensic released the Memory Mystery Challenge.

---

Unchartered

Justen Charters of Unchartered announced the release of five new live OSINT courses:

• Report Writing Workshop ($250)
• Advanced OPSEC ($225)
• Crypto Essentials ($400)
• Unmasking Fraud ($450)
• Investigating the Dark Web ($400)

---

CyberDefenders

CyberDefenders released new Free and Pro labs. The Pro account costs $20/month – $200/year. 

• Red Stealer: Threat Intel (Free)
• Agent Tesla: Malware Analysis (Pro)
• IcedID 2: Endpoint Forensics (Pro)
• NerisBot: Threat Hunting: (Pro)
• XXE Infiltration: Network Forensics (Pro)

---

Phil Hagen

Phil Hagen released a DFIR Fundamentals – Timestamp Formats video.

Description from YouTube: “This video covers a few of the more common formats you may encounter in DFIR evidence, as well as demonstrates why “what time is it?” can be a much more complex question than it seems at first.”

---

TryHackMe

TryHackMe released the following free and premium DFIR Walkthrough Rooms in June:

• Windows Incident Surface (Free)
• iOS Analysis (Premium)
• TShark: The Basics (Premium)
• TShark: CLI Wireshark Features (Premium)

TryHackMe Premium is $14/month or $126/year.

---

Blue Team Labs Online

Blue Team Labs Online released the following Pro New Investigations:

• Domainnance: Incident Response
• Insider Brett: Incident Response
• Granny: Digital Forensics
• Nika-AD: Incident Response
• Magika: Reverse Engineering

Their Pro subscription ranges from $19/month to $183/year.

---

ACE Responder

📢A new challenge is now available on https://t.co/syTSzIl91e!

Take on a hybrid #Entra #Azure AD compromise#ThreatHunting #DFIRhttps://t.co/yo0ue7DcLf

— ACE Responder (@ACEResponder) June 24, 2024

ACE Responder released a new challenge: Intune Infiltration. This is part of their $17.49/month Analyst subscription.

---

Lenny Zeltser

How can we write better incident reports? Here's the video of my talk from the RSA Conference. The audience rated it highly, so you might find it informative: https://t.co/ynKhvvWvzD

— Lenny Zeltser (@lennyzeltser) June 18, 2024

Lenny Zeltser shared a video of his talk from the RSA Conference: How to Keep Your Cool and Write Powerful incident Response Reports as well as his related blog post containing sample report templates.

---

13Cubed

🎉 Happy Saturday! I'm pleased to announce that Investigating Linux Devices is now available! Check out the launch video here: https://t.co/h2k9N6UOfk #DFIR

— 13Cubed (@13CubedDFIR) June 15, 2024

13Cubed launched a new training course: Investigating Linux Devices. The cost is $895 and includes training, Certificate of Completion upon completing the training, and Certification upon passing the Knowledge Assessment. Topics Include:

• Introduction to Linux
• Linux Logs
• Linux File Systems
• Persistence Mechanisms
• Evidence Collection
• Timelining
• Linux Memory Forensics
• Live Response
• Analyzing a Compromised System

---

BushidoToken

BushidoToken released a CTI Training Repository on GitHub called The CTI Analyst Challenge. There is also a blog post about it.

---

Cynthia Hetherington

Cynthia is proud to share the release of the third edition of her seminal book, “OSINT: The Authoritative Guide to Due Diligence.” This essential guide is now available on Amazon and is quickly achieving success: ranking no. 1 among new releases in desktop database books, no. … pic.twitter.com/VXrIi996Hx

— Hetherington Group (@HetheringtonGrp) June 20, 2024

Cynthia Hetherington released the book OSINT: The Authoritative Guide to Due Diligence.

---

Dr Josh Stroschein – The Cyber Yeti

Dr Josh Stroschein released two new Malware Analysis videos:

• Investigating Sections in PE Files and Why They Are Important for Reverse Engineering
• Malware Mondays #04 – BTS: Exploring Strings in a Sample C Program

---

Open Source Investigations in the Age of Google

Open Source Investigations in the Age of Google is out now + free! https://t.co/UwUOmOCbai

Part 2 covers key issues in Transparency & Accountability with chapters on remote scrutiny, local monitoring, human rights, nuclear weapons, small arms, airstrikes & ethical best practice pic.twitter.com/yrMV8HPBpA

— Henrietta Wilson (@hrgwilson1) June 11, 2024

The book Open Source Investigations in the Age of Google by Henrietta Wilson et al. was recently released and is FREE.

---

MYDFIR

MYDFIR created 3 new SOAR EDR Project videos. They are on the Cybersecurity Projects playlist. A video on Getting Started with the SpiderFoot OSINT Tool was also released.

---

CYBERWOX

Day Johnson of CYBERWOX has two new videos with Purav Desai, creator of DecipheringUAL.

• Microsoft 365 Forensics & Incident Response w/ Purav Desai ~ Detection Opportunities EP 4
• Detecting Privilege Escalation Techniques in Microsoft 365 ~ Detection Opportunities EP 5

---

NEWLY RELEASED TOOLS & PLATFORMS

OSINTQuest

🚀 Exciting News! After months of dedicated work and passionate efforts, we are thrilled to announce the official launch of our OSINT analysis platform!😍

🔗 Explore the platform here: https://t.co/IiSfdwf6YR
Use Chrome for best experience! 😎#osint #investigation #osinttool pic.twitter.com/3QIK0zF7ql

— osintquest (@OsintQuest) June 25, 2024

OSINTQuest launched their new OSINT Analysis Platform. Tools on the platform include:

• Graph
• Social Media
• Sock Puppets
• Email Investigation
• Companies Investigation
• Web Investigation

---

OnChain Industries

🎉Our partners and @OSINTindustries have just launched https://t.co/hhepl8PgkF. A crypto OSINT tool.

50+ new crypto wallet modules!

Search any wallet from 8 different chains and discover where they have accounts, including names, profile links, and much more…

Try it out… https://t.co/I7kBKH11ZM

— Nathaniel Fried (@nattyfried) June 5, 2024

OnChain Industries released a new Crypto Wallet search tool. You can get 10 credits per month for free or 20 credits per month for $12.65/month.

---

5f0ne

Do you want to have a quick overview of available files during an investigation?

pip install filewalkerhttps://t.co/DNm3DYBRiS#digitalforensics #dfir #infosec #investigation

— 5f.0 (@5f_0ne) June 4, 2024

5f0ne released Filewalker.

Description from GitHub: Searches hard drives/given path for files specified by file extensions

---

UPCOMING CTFS & LIVE TRAINING FOR JULY, 2024

TRAINING TUESDAY HIGHLIGHTS

This year, I started doing Training Tuesday Highlights on LinkedIn, Twitter (X), and Facebook using the hashtag #DFIRDivaTTH. Every Tuesday I highlight a training provider, instructor, book, or course listed on the Free & Affordable Training Site related to Digital Forensics, Incident Response, Malware Analysis, or OSINT.

June Highlights:

• June 4th: Active Countermeasures
• June 11th: LeanPub
• June 18th: HackerSploit
• June 25th: Brett Shavers

ADDITIONS TO THE TRAINING SITE

The following was added to the Free & Affordable Training Site in June:

• MYDFIR SOC Analyst Course
• 13Cubed Certified: Investigating Linux Devices
• Live OSINT Training (Unchartered)

CURRENT DISCOUNTS

Get 30% off Cyber 5W courses until July 31st using code: c5w30off24

Get 25% off the Constructing Defense course using code: DFIRDIVA

GIVEAWAY

I’ve partnered with Detego Global on a giveaway! Three winners will get FREE access to their beginner friendly Digital Forensics and Cyber Crime Investigations course. Detego merchandise and DFIR books by Rob Fried are also part of the giveaway.

To enter, follow Detego Global on LinkedIn and fill out the entry form here: https://detegoglobal.com/DFIRdiva/

Entries will be accepted until July 30th. Winners will be chosen by Detego Global on July 31st.