Free & Affordable Training News Monthly: March – April 2024

The following contains newly released Digital Forensics, Incident Response, Malware Analysis and OSINT training and books from March, as well as upcoming live online training for April. Like the Free & Affordable Training Site, everything in this blog post is under $1,000.

Note: Purchases made through affiliate/partner links and/or using personalized discount codes is one of the things I rely on to be able to keep this website running. I am an affiliate or partner of the following companies mentioned in this post and references to them contain affiliate/partner links: CyberDefenders, Blue Cape Security, TCM Security.



Cyber 5W released a new certification; the C5W Certified Malware Analyst. The $600 price includes training, labs, and the certification exam.

Training Includes:

  • Introduction to Malware Analysis
  • Static Malware Analysis 101
  • Dynamic Malware Analysis 101
  • Static Malware Analysis 102 – IDA Pro
  • Static Malware Analysis 102 – Ghidra
  • Dynamic Malware Analysis 102
  • Analyzing Managed Code (readable/uncompiled)
  • Extracting IOCs and Writing YARA Rules
  • Hands-On Labs

They also released two new hands-on courses that come with certificates of completion:

Grzegorz Tworek

Image Not Found

Grzegorz Tworek released the Mastering Windows Forensics course.

Early-Bird Price until April 1st:

$299 (course access only)

$799 (Course + Membership Access)

Topics Include:

  • Windows Search Artifacts
  • NTFS Structures
  • Disk Imaging
  • Memory Dumps
  • Windows Prefetch
  • Hardware-Related Artifacts
  • The Recycle Bin
  • Log Analysis
  • Windows Logging
  • Internet Browser Artifacts
  • SRUM Database
  • Identifying Suspicious Files and Settings
  • Active Directory and its Database
  • Windows Registry Analysis
  • User Profile Analysis
  • Managing Digital Forensics and Incident Response
  • Online and Offline Analysis
  • Case Studies and Real-world Scenarios

Blue Cape Security

Blue Cape Security released two new free Build Your Lab Tutorials:

They also released the new hands-on course Enterprise Security Fundamentals with online labs.

Cost: $299 (It can also be bundled with Practical Windows Forensics with their Hero Bundle for $449)

The course comes with a Certificate of Completion and online lab access.

Topics Include:

  • Cyber Threat Landscape
  • Enterprise Domain Environments
  • Logging, Telemetry, Visibility
  • Windows Event Logs
  • PowerShell Event Logging and Tuning
  • Sysmon Event Logging and Detection
  • Initial Access Techniques
  • Discovery, Execution and File Transfer with LOLBins
  • Domain Reconnaissance
  • Credential Attacks
  • Lateral Movement Techniques
  • Windows Endpoint Compromise
  • Persistence Mechanisms
  • Privilege Escalation Techniques
  • Execution and Defense Evasion
  • Data Staging and Exfiltration Techniques
  • Network Telemetry and Security
  • C2 Beacon Analysis
  • Malware Analysis

Kase Scenarios

Image Not Found

Kase Scenarios released Project Sandshark, a 100% report writing OSINT scenario.

Cost: $125

I had the opportunity to beta test Project Sandshark and earn the badge. This is a great scenario! It also comes with 6 weeks of free access to Forensic OSINT.

CyberWarFare Labs

Image Not Found

CyberWarFare Labs released Blue Team Fundamentals [BTF] training for $29. It includes a Certificate.


  • Introduction to Cyber Defense
  • Roles & Responsibilities
  • Cyber Security Framework
  • Introduction to Cyber Operations
  • Foundations of Cyber Threat Analysis and Intelligence
  • Proactive Cyber Threat Hunting
  • Incident Response Strategies and Techniques
  • Unveiling the Secrets of Digital Investigations
  • Hands-On Labs

Dr Josh Stroschein – The Cyber Yeti

Image Not Found

Dr Josh Stroschein started Malware Mondays with free hands-on exercises related to a specific malware artifact or data capture.

OSINT Techniques

Image Not Found

OSINT Techniques: The Ultimate Virtual Machine Book was released by Michael Bazzell.

Cost $20

Cyber Detective

Image Not Found

Cyber Detective created a new GitHub repository with several cheatsheets. Including:

  • Crypto OSINT
  • Image OSINT
  • Telegram OSINT
  • Reverse Face Search
  • Username OSINT
  • Netlas CookBook
  • Linux for OSINT
  • Company Website Info Gathering
  • Awesome Hackers Search Engines

CSI Linux

Image Not Found

CSI Linux released their new training and certification CSI Linux Certified Covert Comms Specialist (CSIL-C3S).

Cost: $385

Topics Include:

  • Understanding Covert Communications
  • Laws, Ethics, and Human Rights
  • Operational Security (OPSEC)
  • Traditional Covert Techniques
  • Burner Phones
  • Sock Puppet Accounts
  • Shared Email
  • Stenography
  • Alternate Data Streams
  • Side Channel Communications
  • SDRs and Radios
  • Encryption
  • Network Subterfuge
  • VPNs
  • SSH
  • Darknet and Clandestine Networks

Blue Team Labs Online

Blue Team Labs Online released four new labs in March. They are part of the Pro subscription ($19/month to $183/year).

The Labs Include:

  • Pyspanda (Reverse Engineering)
  • Vault (Security Operations)
  • Cozy Bear 2 (Security Operations)
  • PHP (Threat Intelligence)


LetsDefend added several free challenges and an Advanced Event Log Analysis course. The course is part of their VIP+ plan ($39.99/month or $359/year).

New Challenges Include:

  • macOS Malware
  • Image Stegano


Image Not Found

CyberDefenders released new Free and Pro labs. The Pro account costs $20/month – $200/year. 

New Labs and Challenges:

  • RetailBreach: Network Forensics (Pro)
  • AsyncRAT: Malware Analysis (Pro)
  • Web Investigation: Network Forensics (Free)
  • Malicious PyPi: Endpoint Forensics (Pro)
  • UnPackME: Malware Analysis (Free)
Image Not Found

They also added VBA Macro Analysis with a hands-on lab to their Certified CyberDefender (CCD) Certification and Training.


TryHackMe released free DFIR challenges and walkthroughs:

Sofia Santos

Image Not Found

Sofia Santos released OSINT Exercise 025. All of Sofia’s OSINT exercises are free.

Ace Responder

Image Not Found

Ace Responder released Investigating Entra ID Attacks. This is part of their $17.49/month Analyst subscription.



Date: April 1st, 2024

Cost: Free

Starting April 1st, Hexordia will be hosting a Weekly CTF challenge.


Date: April 1st, 2024

Cost: Free

Hacktoria is hosting a free OSINT & Cyber CTF: The Midnight Slayer

My OSINT Training

Dates: April 2nd – 5th, 2024

Cost: $399

OSINT Immersion Live Course


Date: April 5th, 2024

Cost: Free

Belkasoft’s BelkaCTF #6: Bogus Bill starts on April 5th

Antisyphon Training

Dates: April 9th – 12th, 2024

Cost: $575

Advanced Endpoint Investigations w/Alissa Torres

Active Countermeasures

Date: April 12th, 2024

Cost: Free

Cyber Threat Hunting Training Level 1

Free hands-on training with a Certificate of Attendance.

Trace Labs

Date: April 20th

Cost: $20

Trace Labs announced in their Discord server that the next anticipated OSINT Search Party CTF will be April 20th. Tickets typically go on sale on Eventbrite 14 days before the CTF.

The OSINTion

Antisyphon Training

Dates: April 23rd – 26th, 2024

Cost: Pay What You Can ($25-$575)

Getting Started in Packet Decoding w/Chris Brenton

Description: This class assumes that you are new to decoding network traffic. The class is filled with hands-on exercises, many of which are walk-throughs of packet decoding tools that will guide you through the process.


The following was added to the Free & Affordable Training Site this month:


This year, I started doing Training Tuesday Highlights on LinkedInTwitter (X), and Facebook using the hashtag #DFIRDivaTTH. Every Tuesday I highlight a training provider, instructor, book, or course listed on the Free & Affordable Training Site related to Digital Forensics, Incident Response, Malware Analysis, or OSINT.

March Highlights: