Free & Affordable Training News Monthly: July – Aug, 2024

The following contains newly released Digital Forensics, Incident Response, Malware Analysis and OSINT training and tools from July, as well as upcoming live online training and events for August. Like the Free & Affordable Training Site, everything in this blog post is under $1,000.

Note: Purchases made through affiliate/partner links and/or using personalized discount codes are one of the things I rely on to be able to keep this website running. I am an affiliate or partner of the following companies mentioned in this post and references to them contain affiliate/partner links: CyberDefenders, Hack The Box, Pluralsight.

NEWLY RELEASED TRAINING, LABS & CHALLENGES FROM JULY, 2024

Hexordia/Cyber5W

There are two new hands-on courses on Cyber 5W. Both come with certificates of completion.

Hexordia’s HEX-220 iOS Analysis ($150) covers:

  • File Systems
  • Encryption
  • Acquisition
  • Artifacts
  • System Artifacts
  • References

Incident Response 101 ($100) covers:

  • Preparation Phase
  • Detection Phase
  • Acquisition Phase

The DFIR Report

The DFIR Report released a new DFIR Lab: LockBit Ransomware – Private Case #27244

Cost: $19.99 – $84.99 (includes a certificate and badge upon successful completion)


Blue Team Labs Online

Blue Team Labs Online released the following Pro Investigations in July:

  • Jakuten: Threat Intelligence
  • Mitsu: Security Operations
  • Sysadmin Nightmare: Reverse Engineering
  • Just a Viewer: Incident Response
  • Parcel: Incident Response
  • StrikeCrowd: Reverse Engineering

Their Pro subscription ranges from $19/month to $183/year.


LetsDefend

LetsDefend added the following courses and challenges:

Their VIP+ plan costs $39.99/month or $359/year.


CyberDefenders

CyberDefenders released the following new Free and Pro labs. The Pro account costs $20/month – $200/year.

  • PhishStrike: Threat Intel (Pro)
  • Reveal: Endpoint Forensics (Free)
  • JetBrains: Network Forensics (Pro)
  • Trigona Ransomware: Endpoint Forensics (Pro)

TryHackMe

TryHackMe released the following free and premium DFIR Walkthrough Rooms in July:

TryHackMe Premium is $14/month or $126/year.


Hack The Box

Hack The Box released the following free DFIR Sherlocks last month:

  • Heartbreaker-Denouement
  • Heartbreaker-Continuum

ACE Responder

ACE Responder released a new challenge: Blind Spot. This is part of their $44.49/month Defender subscription.


Ali Hadi

Ali Hadi added two new challenges to his website:


CyberWarFare Labs

CyberWarFare Labs launched their Infinity Learning Platform with Cloud Offensive, Defensive, and Purple Labs. Defensive Labs cover AWS, Azure, and GCP.

Some of the Defensive challenges include:

  • AWS: Investigating Suspicious IAM User Account Creation
  • Azure: Investigating Suspicious Service principal credential creation
  • GCP: Investigating GCP Data Exfiltration Through Replication Activity

There are several more! The platform is currently free.


13Cubed

13Cubed released a new Mounting Linux Disk Images in Windows video on YouTube.


Mossé Cyber Security Institute

Mossé Cyber Security Institute has 3 new OSINT and Forensics certifications. All three include training and are 100% hands-on. They cost $995 each.

The MCDFA – Certified Cyber Defense Forensics Analyst & MFA – Certified Forensics Analyst topics look pretty much the same. They include:

  • Lab Setup and Virtualization
  • File and Disk Forensics
  • Windows Forensics
  • Behavioral and Memory Analysis
  • Malware Analysis
  • Documentation

The MASA – Certified All Source Analyst topics include:

  • Lab Setup and Virtualization
  • Open Source Intelligence (OSINT) Fundamentals
  • Cyber Threat Intelligence (CTI) Concepts and Operations
  • Information Gathering and Analysis

Matthew Plascencia

Matthew Plascencia created two new YouTube videos:


My OSINT Training

My OSINT Training held a webinar on using their bookmarklets library. The Expert OSINT Tools: Free, Powerful Bookmarklets for Digital Investigators video is now available on YouTube.


Cyber Security – Purple Team

Cyber Security – Purple Team created several new videos on using FTK Imager.


Dr Josh Stroschein

Dr Josh Stroschein has a new Malware Mondays video on Analyzing Malicious Network Traffic with Suricata.


Pluralsight

A new course, Malware Analysis: Assembly Basics, taught by Josh Stroschein is now available on Pluralsight. This is part of the Malware Analysis Path.

Topics include:

  • Demystifying CPU Architecture and Number Systems
  • Learning the Building Blocks of Assembly
  • Common Code Structures

Xintra

Xintra released a new APT-level incident lab: TechTonik Inc.

Subscriptions are $45/month – $459/year. There is also a 7-day free trial. Labs have a Certificate of Completion.


Sofia Santos

Sofia Santos released OSINT Exercise 028.


NEWLY RELEASED TOOLS & PLATFORMS

The DFIR Thing

Jouni Mikkola released The DFIR Thing. Check out their YouTube Playlist and blog post about it.

Description from GitHub:

“The DFIR thing is a project which is meant to be used to parse and analyze data for DFIR purposes. The main idea is to use docker and docker-compose to make it easy to launch a new environment when needed. Currently only evtx logs are being parsed and they are not parsed as raw. Rather the data is parsed with Chainsaw and Hayabusa. The results are sent to ELK for investigation purposes.”


LinImageMounter

Minoru Kobayashi released LinImageMounter.

Description from GitHub: “LinImageMounter is a Python tool designed to simplify the process of mounting disk images on Linux systems. It provides a user-friendly command line interface to mount disk images, making it easier for forensic analysts, system administrators, and enthusiasts to access the contents of disk images without the need for complex commands or manual setup.”


Chrome-Profile-View

The CCL Group released chrome-profile-view. They also have a blog post about it: Shiny New Chrome Tool Now Available

Description from GitHub: “A Python web app for previewing data in Chrome/Chromium profile folder.”


Insider Threat Matrix

The Insider Threat Matrix was recently made public.

Description from the website: “ITM is a continually growing framework for Digital Investigators investigating instances of computer-enabled insider threats in organizations of any size.”


UPCOMING LIVE TRAINING, CONFERENCES AND CTFS FOR AUGUST, 2024

Aug 1

Maveris Olympics OSINT CTF

When:
Where: Online

This free OSINT CTF started July 26th and runs until August 12th.

Aug 2

Hands-On Digital Evidence: Exploring Evidence with Mounted Images | SANS

When:
Where: Online

Cost: Free

Aug 2

OSMOSIS OSINT Capture the Flag Challenge

When:
Where: Online

This free CTF runs until August 5th.

Aug 3

Trace Labs Global OSINT Search Party CTF

When:
Where: Online

Cost: $20

Aug 7

Mastering the Threat Landscape: DFIR Fundamentals | Blue Cape Security

When:
Where: Online

Cost: Free

Aug 13

Enterprise Forensics and Response w/Gerard Johansen | Antisyphon Training

When:
Where: Online

Cost: $575

Aug 14

Uncovering Cyber Threats: Key Forensic Concepts | Blue Cape Security

When:
Where: Online

Cost: Free

Aug 21

PFIC (DFIR, OSINT & Cyber Conference)

When:
Where: Online

Cost: Free

Aug 21

Essential DFIR Tools and Techniques for Effective Analysis | Blue Cape Security

When:
Where: Online

Cost: Free

Aug 22

SANS DFIR Summit

When:
Where: Online

Cost: Free

Aug 26

SOC Core Skills w/ John Strand | Antisyphon Training

When:
Where: Online

Cost: Pay What You Can (Free – $575)

Aug 26

OSINT Fundamentals | Unchartered

When:
Where: Online

Cost: $500

Aug 28

Fearless Forensic Shell Fu With Hal Pomeranz | Antisyphon Training

When:
Where: Online – YouTube

Cost: Free

Aug 28

OSINT Report Writing Workshop | Unchartered

When:
Where: Online

Cost: $250

Aug 29

Investigating the Dark Web | Unchartered

When:
Where: Online

Cost: $400

TRAINING TUESDAY HIGHLIGHTS

This year, I started doing Training Tuesday Highlights on LinkedIn, Twitter (X), and Facebook using the hashtag #DFIRDivaTTH. Every Tuesday I highlight a training provider, instructor, book, or course listed on the Free & Affordable Training Site related to Digital Forensics, Incident Response, Malware Analysis, or OSINT.

July Highlights:

ADDITIONS TO THE TRAINING SITE

The following was added to the Free & Affordable Training Site in July:

