Author | Lightnews

DFIR Diva @dfirdiva.bsky.social · Aug 10

Hack The Box is hosting their first all Blue CTF next month!

Dates: September 22nd - 26th

Form a team and compete for prizes 🏆

Challenges Include:
- DFIR
- SOC
- Malware Reversing
- Threat Intelligence

Link: ctf.hackthebox.com/event/detail...

3

Reposted by DFIR Diva

Phill Moore @phillmoore.bsky.social · Apr 27

Week 17 - 2025 #DFIR
thisweekin4n6.com/2025/04/27/w...

Week 17 – 2025

Use the discount code thisweekin4n6 for 15% off any class at Cyber5w.Use the code PM15 or click this link for 15% your next Hexordia classTakes a class with me! Akash Patel Understanding Rootkits: …

thisweekin4n6.com

3 4

Reposted by DFIR Diva

Doug Metz @dwmetz.bsky.social · Apr 28

I recorded a brief video, walking through some of the different functions in MalChela in the new GUI, stepping through basic static analysis to yara rule writing - all in minutes.  youtu.be/hI1EqojI1DA

#DFIR #MalwareAnalysis #YARA #MITRE #Rust

MalChela: github.com/dwmetz/MalCh...

MalChela GUI Walk through

YouTube video by Doug Metz

youtu.be

3 2

Reposted by DFIR Diva

Josh Lemon @joshlemon.bsky.social · Apr 28

This is an interesting write up on a slightly different #Docker #container #malware attack from the Cado Security and Darktrace teams.

🔗 www.darktrace.com/blog/obfusca...

1 2 1

Reposted by DFIR Diva

CYBER 5W @cyber5w.bsky.social · Apr 4

Interested in learning about #DFIR and don't know where to start? Then we highly recommend you check out our full "C5W-100 - Introduction to Digital Forensics" course. It is completely FREE and it should help you get started. #infosec #cybersecurity

academy.cyber5w.com/courses/C5W-...

C5W-100 INTRODUCTION TO DIGITAL FORENSICS

academy.cyber5w.com

3 4

Reposted by DFIR Diva

SLEUTHCON @sleuthcon.bsky.social · Mar 18

🐍 SLEUTHCON is coming! 🐍

Registration and CFP are now open for this year’s SLEUTHCON—happening June 6th, both in-person in Arlington, VA, and virtually.

www.sleuthcon.com

1/x

4 8 12

Reposted by DFIR Diva

Ryan Benson @hindsig.ht · Mar 11

There's a new Hindsight release!

Hindsight v2025.03 focuses on Extensions - parsing more activity and state records, highlighting Extension permissions, and making it easier to examine Manifests.

🌐 Blog: dfir.blog/hindsight-pa...
🛠️ Tool download: hindsig.ht/release

#DFIR #Chrome #Extensions

Hindsight v2025.03 Released!

Hindsight v2025.03 focuses on Extensions - parsing more activity and state records, highlighting Extension permissions, and making it easier to examine Manifests.

dfir.blog

4 8

Reposted by DFIR Diva

Brian Carrier @carrier4n6.bsky.social · Mar 11

New Autopsy release is out! 🎉

It's been a minute, but it's out. Notable features are BitLocker support and it can run side-by-side with Cyber Triage. Plus, a bunch of library updates.

Now Cyber Triage and Autopsy can be used on the same case at the same time!

www.autopsy.com/autopsy-4-22...

Autopsy - Autopsy 4.22.0: BitLocker Support, Cyber Triage Sidecar, Library Updates

Autopsy 4.22.0 includes BitLocker support, ability to run alongside Cyber Triage, and updates to lower-level libraries.

www.autopsy.com

10 19

DFIR Diva @dfirdiva.bsky.social · Mar 10

New Blog Post! Free & Affordable Training News Monthly: Feb - Mar 2025

- Newly released DFIR, OSINT, and Malware Analysis training, tools, and books from February 2025

- Upcoming events for March 2025

Link: dfirdiva.com/free-afforda...

#DFIR #IncidentResponse #MalwareAnalysis #OSINT

Free & Affordable Training News Monthly: Feb - Mar 2025

Newly released Digital Forensics, Incident Response, Malware Analysis and OSINT training, tools, and books from February 2025. Upcoming events for March.

dfirdiva.com

1

DFIR Diva @dfirdiva.bsky.social · Mar 9

I noticed the DFIR & Blue Team Certifications + Training for under $1,000 section had a lot of broken links. They've been fixed 🙂

training.dfirdiva.com/listing-cate...

#DFIR

DFIR & Blue Team Certifications + Training Under $1,000 - Free & Affordable DFIR, OSINT, & Cybersecurity Training

Digital Forensics & Incident Response (DFIR) and Blue Team Certifications with Training Included Under $1,000

training.dfirdiva.com

1 5

Reposted by DFIR Diva

Jessica Hyde @b1n2h3x.bsky.social · Feb 18

Missed the @magnetforensics.bsky.social Virtual Summit #CTF but want the images for testing and learning? We have already shared them with @nist.bsky.social CFReDS cfreds.nist.gov/all/Hexordia...

CFReDS Portal

cfreds.nist.gov

6 9

Reposted by DFIR Diva

Kevin 🤖🕵️🍺 @stark4n6.bsky.social · Feb 17

New #iLEAPP 2.1.0 release is out! #DFIR github.com/abrignoni/iL...

1 2

DFIR Diva @dfirdiva.bsky.social · Feb 8

Ultimate Cybersecurity Career Humble Bundle!

Includes:
- Incident Response for Windows
- The OSINT Handbook
- Effective Threat Investigation for SOC Analysts
and more!

Link: humblebundleinc.sjv.io/kOaeod

(Partner Link)

#DFIR #IncidentResponse #MalwareAnalysis #Cybersecurity #OSINT

Humble Tech Book Bundle: Ultimate Cybersecurity Career by Packt

Jump-start your exciting new cybersecurity career with this outstanding library of tech courses. Pay what you want & support World Central Kitchen!

humblebundleinc.sjv.io

3 4

DFIR Diva @dfirdiva.bsky.social · Feb 8

DFIR Giveaway! You could win:

✅A FREE @detegoglobal.bsky.social Digital Forensics & Cyber Crime Investigations course worth $399 each

✅Detego merch pack

✅‘Force of Justus’ crime novel

Enter here: detegoglobal.com/dfirdiva

THREE winners will be announced March 10th, 2025!

#DFIR

1 4

DFIR Diva @dfirdiva.bsky.social · Feb 3

Free & Affordable Training News Monthly: Dec 2024 - Feb 2025

- Newly released DFIR, OSINT, and Malware Analysis training, tools, and books from Dec 2024 & Jan 2025

- Upcoming CTFs and training for February, 2025

Link: dfirdiva.com/free-amp-aff...

#DFIR #IncidentResponse #MalwareAnalysis #OSINT

2 7

DFIR Diva @dfirdiva.bsky.social · Jan 13

The winner of the @13cubed.bsky.social XPlat Bundle is @dfirjw.bsky.social! Congrats!

7

DFIR Diva @dfirdiva.bsky.social · Jan 1

The XPlat Bundle includes:

-Investigating Windows Endpoints
-Investigating Windows Memory
-Investigating Linux Devices

Learn more about it here: training.13cubed.com/xplat-bundle

XPlat Bundle

Master XPlat (cross-platform) Windows and Linux forensic investigation with the ultimate bundle: 365-day access to Investigating Windows Endpoints, Investigating Windows Memory, and Investigating Linu...

training.13cubed.com

1 6

DFIR Diva @dfirdiva.bsky.social · Jan 1

Happy New Year! I partnered with @13cubed.bsky.social for a giveaway of his XPlat training/certification Bundle!

To Enter: Like, Repost, and Leave a Comment

On January 12th, 1 winner will be chosen from LinkedIn and 1 winner will be chosen from Bluesky.

#DFIR #DigitalForensics #IncidentResponse

32 33 37

Reposted by DFIR Diva

Denny Fischer @df-sec.bsky.social · Dec 16

"Mastering Sysmon: Deploying, Configuring, and Fine-Tuning"
A free mini eBook for #DFIR professionals with practical steps to deploy, fine-tune, and start logging with Sysmon.

dfirinsights.com/2024/11/27/m...

#infosec #blueteam

Mastering Sysmon free DFIR e-book release - DFIR Insights

Today is the day! I'm announcing the release of my guide: "Mastering Sysmon: Deploying, Configuring, and Fine-Tuning", a free mini eBook designed specifically for digital forensics and incident respon...

dfirinsights.com

5 5

Reposted by DFIR Diva

Kirbstr @kirbstr.bsky.social · Dec 17

PSST: our 1-day OSINT 101 (for beginners) class is free!

academy.plessas.net/offers/iFJiA...

Plessas Experts Network - Online Learning Portal

academy.plessas.net

2 4 9

Reposted by DFIR Diva

Kirbstr @kirbstr.bsky.social · Dec 12

I have 76 feeds in this list. Next week I will add more podcasts, but if I am missing important blogs (and I KNOW I am), give me a hand. Don't be shy - post your own blogs too. #OSINT

knowledgebase.plessas.net/OSINT-Feeds-...

3 9

Reposted by DFIR Diva

beercow.bsky.social @beercow.bsky.social · Dec 6

Just a heads up. M$ is OCRing all your images in OneDrive for business in an unsecured database on your desktop/laptop. Happy Friday. #DFIR

2 7 15

Reposted by DFIR Diva

Sinwindie @sin.osintdojo.com · Dec 7

We uploaded a new #OSINT challenge for you to try your hand at. Can you identify the Latitude and Longitude of where this photo was taken?
www.youtube.com/shorts/6iYuE...

#OSINT Challenge: Blue City Sign

YouTube video by OSINT Dojo

www.youtube.com

4 5 17

Reposted by DFIR Diva

Antonio Sanz @antoniosanzalc.bsky.social · Dec 5

Great spreadshit for #DFIR to know if something was executed - blog.1234n6.com/available-ar...

Available Artifacts - Indicators of Execution Updated

The "Indicators of Execution" spreadsheet I put together in 2018 has been somewhat neglected of late. So, with the release of Server 2025 I set about updating it to reflect the current state of Window...

blog.1234n6.com

1 12

Reposted by DFIR Diva

Dmitry Vostokov @dumpanalysis.bsky.social · Dec 5

Accelerated Rust Windows Memory Dump Analysis (ISBN-13: 978-1912636891) is now available in PDF format with and without recording and additional materials: www.patterndiagnostics.com/accelerated-...

4 5