The following contains newly released Digital Forensics, Incident Response, Malware Analysis and OSINT training, books, and tools from June, as well as upcoming live online training for July. Like the Free & Affordable Training Site, everything in this blog post is under $1,000.
Note: Purchases made through affiliate/partner links and/or using personalized discount codes are one of the things I rely on to be able to keep this website running. I am an affiliate or partner of the following companies mentioned in this post, and references to them contain affiliate/partner links: CyberDefenders, Hack The Box, Amazon.
NEWLY RELEASED TRAINING, BOOKS, LABS & CHALLENGES FROM JUNE, 2024
Level Effect
Level Effect launched a Cyber Defense CTF with challenges from beginner to advanced. Prizes are available. Challenges include:
- Incident Response
- Forensics
- Log Analysis
- OSINT
- CTI
- Reversing
- Networking
- Crypto
- Scripting
LetsDefend
Source: @LetsDefendIO on Twitter (X)
LetsDefend added the following courses and challenges:
- Email Forensics Course (VIP+)
- Practical Windows Forensics Course (VIP+)
- Compromised ICS Device Challenge (Free)
- PHP-CGI (CVE-2024-4577) Challenge (Free)
- Obfuscated RAT Challenge (Free)
- Malicious WordPress Plugin Challenge (Free)
Their VIP+ plan is $39.99/month or $359/year.
Hack The Box
Source: @hackthebox_eu on Twitter (X)
Hack The Box released the following free DFIR Sherlocks in June:
- Campfire-1
- Campfire-2
- Fragility
- Lockpick3.0
Check out their blog post on the Active Directory DFIR Sherlock Series starting with Campfire-1.
Rajneesh Gupta

Source: 0xrajneesh on GitHub
Rajneesh Gupta added several Hands-On Projects to GitHub including:
- Linux Forensics Projects for Beginners
- Windows Forensics Projects for Beginners
- Analyzing Windows Sysmon Events for Security Incidents
- Log Analysis Projects for Beginners
- Simple Log Analysis with ELK Stack
- Analyzing Windows Event Logs
- Syslog Log Analysis on Linux Server
- Basic Apache Web Server Log Analysis
- Dark Web Monitoring Projects for Beginners
- YARA Projects for Beginners
- Incident Response Projects for Beginners
Memory Forensic
Memory Forensic released the Memory Mystery Challenge.
Unchartered

Source: Unchartered.info
Justen Charters of Unchartered announced the release of five new live OSINT courses:
- Report Writing Workshop ($250)
- Advanced OPSEC ($225)
- Crypto Essentials ($400)
- Unmasking Fraud ($450)
- Investigating the Dark Web ($400)
CyberDefenders
Source: @CyberDefenders on Twitter (X)
CyberDefenders released new Free and Pro labs. The Pro account costs $20/month – $200/year.
- Red Stealer: Threat Intel (Free)
- Agent Tesla: Malware Analysis (Pro)
- IcedID 2: Endpoint Forensics (Pro)
- NerisBot: Threat Hunting (Pro)
- XXE Infiltration: Network Forensics (Pro)
Phil Hagen

Source: YouTube – @PhilHagen
Phil Hagen released a DFIR Fundamentals – Timestamp Formats video.
Description from YouTube: “This video covers a few of the more common formats you may encounter in DFIR evidence, as well as demonstrates why “what time is it?” can be a much more complex question than it seems at first.”
TryHackMe
Source: @RealTryHackMe on Twitter (X)
TryHackMe released the following free and premium DFIR Walkthrough Rooms in June:
- Windows Incident Surface (Free)
- iOS Analysis (Premium)
- TShark: The Basics (Premium)
- TShark: CLI Wireshark Features (Premium)
TryHackMe Premium is $14/month or $126/year.
Blue Team Labs Online
Source: @BlueLabsOnline on Twitter (X)
Blue Team Labs Online released the following new Pro Investigations:
- Domainnance: Incident Response
- Insider Brett: Incident Response
- Granny: Digital Forensics
- Nika-AD: Incident Response
- Magika: Reverse Engineering
Their Pro subscription ranges from $19/month to $183/year.
ACE Responder
ACE Responder released a new challenge: Intune Infiltration. This is part of their $17.49/month Analyst subscription.
Lenny Zeltser
Lenny Zeltser shared a video of his talk from the RSA Conference, How to Keep Your Cool and Write Powerful Incident Response Reports, as well as his related blog post containing sample report templates.
13Cubed
13Cubed launched a new training course: Investigating Linux Devices. The cost is $895 and includes the training, a Certificate of Completion upon completing the training, and Certification upon passing the Knowledge Assessment. Topics include:
- Introduction to Linux
- Linux Logs
- Linux File Systems
- Persistence Mechanisms
- Evidence Collection
- Timelining
- Linux Memory Forensics
- Live Response
- Analyzing a Compromised System
BushidoToken

Source: BushidoToken GitHub
BushidoToken released a CTI Training Repository on GitHub called The CTI Analyst Challenge. There is also a blog post about it.
Cynthia Hetherington
Cynthia Hetherington released the book OSINT: The Authoritative Guide to Due Diligence.
Dr Josh Stroschein – The Cyber Yeti

Dr Josh Stroschein released two new Malware Analysis videos:
- Investigating Sections in PE Files and Why They Are Important for Reverse Engineering
- Malware Mondays #04 – BTS: Exploring Strings in a Sample C Program
Open Source Investigations in the Age of Google
The book Open Source Investigations in the Age of Google by Henrietta Wilson et al. was recently released and is FREE.
MYDFIR
Source: @MyDFIR on YouTube
MYDFIR created 3 new SOAR EDR Project videos. They are on the Cybersecurity Projects playlist. A video on Getting Started with the SpiderFoot OSINT Tool was also released.
CYBERWOX

Source: @DayCyberwox on YouTube
Day Johnson of CYBERWOX has two new videos with Purav Desai, creator of DecipheringUAL.
- Microsoft 365 Forensics & Incident Response w/ Purav Desai ~ Detection Opportunities EP 4
- Detecting Privilege Escalation Techniques in Microsoft 365 ~ Detection Opportunities EP 5
NEWLY RELEASED TOOLS & PLATFORMS
OSINTQuest
OSINTQuest launched their new OSINT Analysis Platform. Tools on the platform include:
- Graph
- Social Media
- Sock Puppets
- Email Investigation
- Companies Investigation
- Web Investigation
OnChain Industries
OnChain Industries released a new Crypto Wallet search tool. You can get 10 credits per month for free or 20 credits per month for $12.65/month.
5f0ne
5f0ne released Filewalker.
Description from GitHub: Searches hard drives/given path for files specified by file extensions
UPCOMING CTFS & LIVE TRAINING FOR JULY, 2024
Beyond File Names: Decoding the Secrets of Files with Signatures & Metadata | SANS
Cost: Free
Advanced Forensics Workshop: Handling AI and Unsupported Apps in Smartphone Investigations | SANS
Cost: Free
Cyber Security Incident Management w/Gerard Johansen | Antisyphon Training
Cost: Free
Data Carving: Recovering Hidden Files from Digital Graveyards | SANS
Cost: Free
Placing the Suspect Behind the Keyboard, Vol 2: DFIR Investigative Mindset Course | Brett Shavers
Cost: $899.99
Global Intelligence Discovery: Uncovering Insights from Nation-States | Unchartered
Cost: $800
Mastering Best Practices in Open Source Intelligence (OSINT) | Red Snapper Learning
Cost: Free
Cyber Thursdays – A Day in the Life of a Digital Forensic Investigator | North Central Texas SBDC
Cost: Free
Decoding Time: Understanding Endianness and Timestamp Formats | SANS
Cost: Free
Placing the Suspect Behind the Keyboard, Vol 2: DFIR Investigative Mindset Course | Brett Shavers
Cost: $899.99
TRAINING TUESDAY HIGHLIGHTS
This year, I started doing Training Tuesday Highlights on LinkedIn, Twitter (X), and Facebook using the hashtag #DFIRDivaTTH. Every Tuesday I highlight a training provider, instructor, book, or course listed on the Free & Affordable Training Site related to Digital Forensics, Incident Response, Malware Analysis, or OSINT.
June Highlights:
- June 4th: Active Countermeasures
- June 11th: LeanPub
- June 18th: HackerSploit
- June 25th: Brett Shavers
ADDITIONS TO THE TRAINING SITE
The following were added to the Free & Affordable Training Site in June:
- MYDFIR SOC Analyst Course
- 13Cubed Certified: Investigating Linux Devices
- Live OSINT Training (Unchartered)
CURRENT DISCOUNTS
Get 30% off Cyber 5W courses until July 31st using code: c5w30off24
Get 25% off the Constructing Defense course using code: DFIRDIVA
GIVEAWAY
I’ve partnered with Detego Global on a giveaway! Three winners will get FREE access to their beginner friendly Digital Forensics and Cyber Crime Investigations course. Detego merchandise and DFIR books by Rob Fried are also part of the giveaway.
To enter, follow Detego Global on LinkedIn and fill out the entry form here: https://detegoglobal.com/DFIRdiva/
Entries will be accepted until July 30th. Winners will be chosen by Detego Global on July 31st.