DFIR Related Events for Beginners – July 2020

A list of Digital Forensics and Incident Response related events and training that may be of interest to students/beginners for the month of July.


July 1st, 8th, 15th: Attack Detection Fundamentals (F-Secure) Free and Virtual “Our consultants will refer to live attack examples (like Emotet), explain how each detection technique is effective against different attacks, and map detection techniques to the cyber kill chain. Expect hands-on demonstrations that you can start using straight away.”

The first workshop already happened, but you can view the accompanying lab and the video in the Tweet below. Go HERE to register.


July 2nd: BSides TLV Free and Virtual. Includes talks such as “Uncovering Covert Malware Infestation of Apple’s iOS AppStore” and “Automating Registry Forensics with Python”. You can register here: https://bsidestlv.com/


July 11th: Trace Labs Global OSINT Search Party CTF V ($20) Contestants of all skill levels encouraged to participate! Use your OSINT skills to help find real missing people. You can register HERE.

They also have a CTF Contestant Guide here: http://download.tracelabs.org/Trace-Labs-OSINT-Search-Party-CTF-Contestant-Guide_v1.pdf


July 11th: BSides SATX Free and Virtual. Includes talks such as “Automating Disk and Memory Evidence Collection in AWS” , “Threat Intelligence: How to Focus Fire on the Bad Guys Coming Into Your Network”. and “Infosec Jobsearch Best Practices”. You can register here: https://www.bsidessatx.com/


July 11th: DisInfoSec Free and Virtual. Includes talks such as “About Malware and Reverse Engineering on How it Impacts Users in the Cybersecurity Format”. Go here for more information: https://disinfosec.tech/


July 15th – 17th: RSAC 2020 APJ Free and Virtual. Includes talks such as “Explore Adventures in the Underland: Forensic Techniques against Hackers” and “Threat Hunting — Demystified”. You can register here: https://www.rsaconference.com/


July 16th – 17th SANS DFIR Summit The Summit talks are free. The entire Summit is virtual. Go here for more information: https://www.sans.org/event/digital-forensics-summit-2020


July 27th – 30th: Getting Started in Security with BHIS and MITRE ATT&CK w/ John Strand (4 Sessions – 4 Hour Classes) Virtual training using a Pay What You Want Model (including free). You can register HERE.


Ongoing Events, Training & Blue Team CTFs

Hack Summer: Saturdays 10am Pacific on YouTube. Go here for more information: https://theforeverstudent.com/introducing-hacksummer-33a00e78948d


DFIR Python Study Group: Tuesdays and Thursdays at 12 PM EST The book being used is: Head First Python, 2nd Edition. Click on the Tweet below for all the links.


Magnet Forensics Cache Up: Tuesdays at 11:00AM ET “Cache Up is an interview style show where I will get to speak with some people doing incredible work in forensics and get to know their work and them better.” Go here for more information: https://www.magnetforensics.com/blog/magnet-forensics-presents-cache-up/


Life has no Ctrl + Alt + Delete. “Need to escape isolation and collaborate? Monday, Wednesday and Friday from 12:30PM to 1PM EST, join Heather Mahalik, Cellebrite’s Sr. Director of Digital Intelligence, with guest speakers for live Meetups.” For more information, go here: https://www.cellebrite.com/en/life-has-no-ctrlaltdelete/


Forensic Lunch David Cowen hosts the Forensic Lunch Test Kitchen, a live technical show on YouTube where you can learn about different forensic tools. Subscribe to his YouTube channel Learn Forensics With David Cowen.


Forensic Happy Hour: Fridays at 5pm ET on the Mobile Forensic Investigations YouTube Channel


SANS Mic Talks There are several free SANS Mic Talks this month including “Checkm8, Checkra1n and the new “golden age” for iOS Forensics” and “smbtimeline – An automated timeline for SMB Traffic”. The schedule can be found here: https://www.sans.org/blog/sans-mic-schedule/


Mondays: #CyberMentoringMonday on Twitter (Created by Tanya Janca) Use the hashtag to ask questions or to find a mentor on a specific topic.

If you have questions for the Infosec Twitter community on other days, use the hashtag #AskInfosec


Champlain College CTF: https://champdfa-ccsc-sp20.ctfd.io/


Corelight CTF: There are game dates available on July 7th and July 9th. You can register here: https://www3.corelight.com/l/420832/2020-03-31/lcxk2q


The Splunk Boss of the SOC Blue Team CTF is open for anyone to play. You can register here: https://cyberdefenders.org/accounts/signup/


Pentester Academy has free CTF exercises that include network forensics and reverse engineering. The challenges go from beginner to advanced. You can register here: https://www.ctf.live/



Malware-Traffic-Analysis.net has Traffic Analysis Exercises each month as well as tutorials.


DFIR Social Media


Twitter: Look for the #DFIR hashtag. For people to follow, check out the Women of DFIR and the Men of DFIR.


Facebook: I listed some helpful Facebook groups here: https://dfirdiva.com/facebook-groups


Digital Forensics Discord Server A Beginner’s Guide to the Digital Forensics Discord Server has information on how to join. I cannot recommend this Discord Server enough. It’s a great community.


Cyber Social Hub “A place for Cybersecurity, DFIR, OSINT, Legal, and Technology Investigation Professionals to Connect and Collaborate”.


As always, there’s a list of regularly updated Free Training.