The following contains newly released Digital Forensics, Incident Response, Malware Analysis and OSINT training and tools from October, as well as upcoming live online training and events for November. Like the Free & Affordable Training Site, everything in this blog post is under $1,000.
Note: Purchases made through affiliate/partner links and/or using personalized discount codes are one of the things I rely on to be able to keep this website running. I am an affiliate or partner of the following companies mentioned in this post and references to them contain affiliate/partner links: CyberDefenders, Hack The Box, Hexordia, Humble Bundle.
NEWLY RELEASED TRAINING, LABS & CHALLENGES FROM OCTOBER, 2024
Hexordia
Source: Hexordia Courses
Hexordia, who used to have courses on Cyber 5W, launched their own learning platform. Most of their courses are over $1,000, but they do have the following free courses:
- Mobile Forensics Fundamentals Pt 1
- Mobile Forensics Fundamentals Pt 2
- Mobile Device Preservation
- Creating Mobile Test Data
The courses come with a Certificate of Completion.
LetsDefend
Source: @LetsDefendIO on Twitter (X)
LetsDefend added the following courses and challenges:
- Suspicious Python Package Challenge (Free)
- Basics of Hard Disks and File Systems Course (VIP+)
- Upstyle Backdoor Challenge (Free)
- Understanding Malware Course (VIP+)
- iOS Forensics Course (VIP+)
- Kernel Exploit Challenge (Free)
TryHackMe
Source: @RealTryHackMe on Twitter (X)
TryHackMe released the following new DFIR challenge rooms and modules in October:
- Brains (Premium)
- Extracted (Free)
- Linux Endpoint Investigation Module (Free & Premium Rooms)
The TryHackMe Premium Subscription is $14/month or $126/year.
Blue Team Labs Online
Sources: @BlueLabsOnline on Twitter (X), BTLO Halloween
Blue Team Labs Online released the following free and Pro Investigations in October, including their limited-time Trick or Threat event investigations:
- Nano: Security Operations (Pro)
- Spider: Threat Intelligence (Pro)
- Trick or Threat Halloween Event Investigations
- Haunted: Threat Intelligence (Free)
- Nonyx: Reverse Engineering (Free)
- Ozarks: Security Operations (Pro)
- Pikaboo: Incident Response (Pro)
- Typhon: Incident Response (Pro)
- Masquerade: Digital Forensics (Pro)
Their Pro subscription ranges from $19/month to $183/year.
CyberDefenders
Source: @CyberDefenders on Twitter (X)
CyberDefenders released the following new Pro labs. The Pro account costs $20/month – $200/year.
- AndroidBreach: Endpoint Forensics
- IMDSv1: Cloud Forensics
- LummaStealer: Endpoint Forensics
- MeteorHit: Endpoint Forensics
Hack The Box
Source: @hackthebox_eu on Twitter (X)
Hack The Box released the following Sherlocks last month:
- Latus
- Super Star
- Pikaptcha
They also released a new User Behavior Forensics training module in Hack The Box Academy. The course can be accessed for $50 (500 cubes). It is also included in their $18/month – $490/year Silver subscription.
Topics Include:
- Shellbags
- User Assist
- Search History in File Explorer
- JumpLists, LNK Files, Recent Docs, TypedPaths, Archive History, ActivitiesCache.db
- Run MRU Forensics
- User’s Sticky Notes Forensics
- Command-Line History Forensics
- Saved SSH Keys and Server Info
- USB Devices
- Terminal Server History
Invoke RE
Source: Invoke RE Training
Invoke RE launched a Binary Ninja Edition of their Malware Binary Triage Course. This hands-on course is $399 and includes lifetime access, a Binary Ninja license, and a certificate of completion. Read more about it in their blog post.
Kase Scenarios
Kase Scenarios created two new beginner level OSINT training scenarios:
- Dragon Con Detective (Free)
- SCP: Insurgency ($20)
Dragon Con Detective comes with a Certificate of Completion and SCP: Insurgency comes with a digital badge.
Xintra and 13Cubed
13Cubed created a new lab for Xintra called KG Distribution. Xintra subscriptions are $45/month – $459/year. There is also a 7-day free trial. Labs have a Certificate of Completion.
13Cubed also has a walkthrough for the lab on his YouTube channel.
CyberDefNerd
CyberDefNerd created a YouTube video about Linux Artifacts: Timestamps of last SUDO command execution.
TCM Security
TCM Security launched their Practical Junior Security Analyst (PJSA) Certification. The cost is $249 and includes training and 2 exam attempts.
Topics Include:
- Security Operations Fundamentals
- Phishing Analysis
- Network Security Monitoring
- Network Traffic Analysis
- Endpoint Security Monitoring
- Endpoint Detection and Response
- Log Analysis and Management
- Security Information and Event Management (SIEM)
- Threat Intelligence
- Digital Forensics
- Incident Response
Pluralsight
Dr Josh Stroschein launched a new Specialized Malware: .NET Malware course on Pluralsight.
BlueMonkey4n6
Source: @BlueMonkey4n6 YouTube channel
BlueMonkey4n6 released the following videos on YouTube:
- Base64 Explained – Used for Good (Email, Web) and for Evil (Malware)
- Granting Custom Root Access on a Linux System – Sudoers File Tutorial
Ali Hadi & Cyber 5W
Ali Hadi created a ShadowMe #1 – Intro to Static Malware Analysis video on YouTube.
There is also a corresponding ShadowMe #1 lab on Cyber 5W for $20.
Cyber5W also released a hands-on Security Operations Center (SOC) course for $50. The course comes with a Certificate of Completion.
Topics Include:
- Log Sources
- Endpoint Detection and Response (EDR)
- Threat Intelligence
- Case Management
- ELK-Stack
- Log Collections
- Extended Logging
The DFIR Report
The DFIR Report created a new DFIR Lab: BlackSuit Ransomware. It costs $24.99 – $89.99 and comes with a certificate and digital badge upon completion.
They also released a new DFIR report: Inside the Open Directory of the “You Dun” Threat Group.
Sofia Santos
Sofia Santos created the free OSINT Exercise #030.
UPCOMING LIVE TRAINING, CONFERENCES, AND CTFS FOR NOVEMBER, 2024
SANS Holiday Hack Challenge 2024: Snow-maggedon
Cost: Free
The Holiday Hack Challenge runs until January.
NEWLY RELEASED TOOLS & PLATFORMS
ZipWalker
Kevin Pagano created ZipWalker.
Description from GitHub: A simple easy script to read the contents of a zip folder and extract metadata.
iCATCH
Aaron Willmarth created iCATCH.
Description from GitHub: The iOS Cache Analysis for Tracking Coordinates History (iCatch) is a utility to process the iOS Cache.sqlite database and create a timelined KML map for use in Google Earth. This utility allows you to export GPS data from the iOS Cache.SQLite database, generate CSV and KMZ files, and log details for analysis.
Tor Browser Bookmark Extractor
Damien Attoe of Spyder Forensics created the Tor Browser Bookmark Extractor. See their LinkedIn post about it for more details.
TRAINING TUESDAY HIGHLIGHTS
This year, I started doing Training Tuesday Highlights on LinkedIn, Twitter (X), and Facebook using the hashtag #DFIRDivaTTH. Every Tuesday I highlight a training provider, instructor, book, or course listed on the Free & Affordable Training Site related to Digital Forensics, Incident Response, Malware Analysis, or OSINT.
October Highlights:
- October 8th: Kase Scenarios
- October 15th: TryHackMe
- October 22nd: CSI Linux
- October 29th: Hexordia
CURRENT DISCOUNTS
I keep track of discounts year-round, but with Black Friday coming up, there are a lot of deals. Check out the Current Discounts page to see all of them. More are being added daily.
GIVEAWAY
I teamed up with Detego Forensics for another giveaway.
3 winners will get access to Detego Global’s Digital Forensics & Cyber Crime Investigations course, Detego merch, and a copy of ‘Force of Justus’ by Dr Ron Martinelli, a crime novel where the hero uses Detego technology to solve a complex case.
Enter the giveaway here: https://detegoglobal.com/dfirdiva/