The following contains newly released Digital Forensics, Incident Response, Malware Analysis and OSINT training and tools from September, as well as upcoming live online training and events for October. Like the Free & Affordable Training Site, everything in this blog post is under $1,000.
Note: Purchases made through affiliate/partner links and/or using personalized discount codes are one of the things I rely on to be able to keep this website running. I am an affiliate or partner of the following companies mentioned in this post and references to them contain affiliate/partner links: CyberDefenders, Hack The Box, Humble Bundle, Safer Internet Project.
NEWLY RELEASED TRAINING, LABS & CHALLENGES FROM SEPTEMBER, 2024
LetsDefend
Source: @LetsDefendIO on Twitter (X)
LetsDefend added the following courses and challenges:
- Advanced Linux Forensics (VIP+)
- Android Forensics (VIP+)
- Malicious AutoIT Challenge (Free)
- Bash Script Challenge (Free)
- Compromised Chat Server Challenge (Free)
- Log Analysis With Sysmon Challenge (Free)
Their VIP+ plan costs $39.99/month or $359/year.
13Cubed
Source: @13Cubed on YouTube
13Cubed created a free Linux Memory Forensics Challenge and a video on Shimcache Execution.
Kase Scenarios
Kase Scenarios released another great OSINT scenario (Orkla: Bounty Hunt) where you investigate suspicious online services. I had the opportunity to beta test it and created a walkthrough for it.
It costs $49.99 and you get a digital badge when you complete it.
Xintra
Xintra released a new APT-level incident lab: Airbuzz.
Xintra subscriptions are $45/month – $459/year. There is also a 7-day free trial. Labs have a Certificate of Completion.
The DFIR Report
The DFIR Report created a new DFIR Labs Case: Backdoors and LockBit.
The cost is $19.99 – $84.99. You get a certificate and badge upon completion.
They also released a new DFIR Report: Nitrogen Campaign Drops Sliver and Ends With BlackCat Ransomware
My OSINT Training
My OSINT Training released a new Investigating TikTok course. The course costs $100 and comes with a Certificate of Completion.
Blue Team Labs Online
Source: @BlueLabsOnline on Twitter (X)
Blue Team Labs Online released the following Pro Investigations in September:
- AWeSome: Incident Response
- Gothic Panda 1: Threat Intelligence
- Gothic Panda 2: Security Operations
- Code Breaker: Reverse Engineering
- Cipher 0: Digital Forensics
- Spilled Bucket: Incident Response
Their Pro subscription ranges from $19/month to $183/year.
CyberDefenders
Source: @CyberDefenders on Twitter (X)
CyberDefenders released the following new Pro labs. The Pro account costs $20/month – $200/year.
- Akira: Endpoint Forensics
- SolarDisruption: Network Forensics
- GoldenSpray: Threat Hunting
- MalaCrypt: Malware Analysis
LinkedIn Learning
A new Operating System Forensics course was released on LinkedIn Learning.
Topics Include:
- Operating Systems and Digital Forensics
- Windows File Systems
- Linux File Systems
- Apple File Systems
- File Recovery
- Live Acquisition
LinkedIn Learning plans start around $19.99/month for a yearly subscription.
Hack The Box
Hack The Box released a new free DFIR Sherlock: Nuts.
TryHackMe
Source: @RealTryHackMe on Twitter (X)
TryHackMe released the following new free DFIR walkthrough rooms and challenge rooms in September:
Karsten Hahn – MalwareAnalysisForHedgehogs
Karsten Hahn created a YouTube video on Deobfuscating ConfuserEx 2 with Python and dnlib.
Dr Josh Stroschein – The Cyber Yeti
Source: @jstrosch on YouTube
Dr Josh Stroschein added several new videos to his YouTube channel:
- Learn How to Dissect Binary Files with the Creator of Malcat
- Tool Spotlight: Performing Rapid Triage Analysis using ANY.RUN!
- Tracing Stack Usage and Stack Frames in a Debugger
- Playlist: Reversing LockBit 3.0 (Black) Anti-Analysis Techniques – DefCon 32 Workshop Extras
BlueMonkey4n6
BlueMonkey4n6 created a new YouTube Video: Who Gained Root Access on my Linux System – An Analysis of Sudo Logs
NEWLY RELEASED TOOLS & PLATFORMS
OpenRelik
Johan Berggren launched OpenRelik.
Description: “OpenRelik is an open-source (Apache-2.0) platform designed to streamline collaborative digital forensic investigations. It combines modular workflows for custom investigative processes, an intuitive interface for efficient workflow management, real-time collaboration features, and a centralized repository for shared artifacts. The platform is easy to extend with new workers to adapt to evolving forensic needs.”
LOLRMM
Magic Sword launched LOLRMM, a curated list of Remote Monitoring and Management (RMM) tools that could potentially be abused by threat actors. LOLRMM includes forensic artifacts.
LOLESXi
Blueteam0Ops launched LOLESXi.
Description from GitHub: LOLESXi is a curated compilation of binaries/scripts available in VMware ESXi that were used by adversaries in their intrusions. This project gathers procedural examples from public reports of adversarial activities targeting ESXi hosts.
CloudSOC-OpenSource
Sai Naga Subrahmanyam released CloudSOC-Opensource.
Description from GitHub: CloudSOC-OpenSource is a project designed for security analysts and SOC (Security Operations Center) professionals interested in implementing and exploring a modern CloudSOC architecture using open-source tools.
UPCOMING LIVE TRAINING, CONFERENCES, AND CTFS FOR OCTOBER, 2024
Cellebrite DFIR CTF
Cost: Free
The CTF runs from October 15th – 22nd. A free time-limited license for Cellebrite Inseyets Physical Analyzer (PA) 10 is available.
Masterclass: Digital Forensic, Incident Response and Investigation | Yorkshire Cyber Security Cluster
Cost: Free
TRAINING TUESDAY HIGHLIGHTS
This year, I started doing Training Tuesday Highlights on LinkedIn, Twitter (X), and Facebook using the hashtag #DFIRDivaTTH. Every Tuesday I highlight a training provider, instructor, book, or course listed on the Free & Affordable Training Site related to Digital Forensics, Incident Response, Malware Analysis, or OSINT.
September Highlights:
- September 3rd: Sorry, I missed this one – it was a crazy month
- September 10th: Patrick Wardle & Objective-See Foundation
- September 17th: Ali Hadi
- September 24th: TCM Security
CURRENT DISCOUNTS
Paraben: Get free access to all three of Paraben’s operator-level certifications and a 30-day free trial of their E3:UNIVERSAL software until October 31st.
Humble Bundle: Cybersecurity Month Mega Bundle
Safer Internet Project: Get 50% off Safer Internet Project Memberships until October 31st using code: SIP50
Constructing Defense: Get 25% off the Constructing Defense course using code: DFIRDIVA
Want to help support this site? I’m on Buy Me a Coffee