Thanks to all who continue to support the DFIR Training Patreon page. The page has been off to a good start and I have a fairly solid grasp as to what is coming in 2019.
My intention is to provide content that you want, so if there is something, you’d like to me to add or create, let me know. Given time and ability, I’ll do it. I will have some polls over the next months to narrow down what you would like to see.
Everything you see coming in 2019 is all included with your exclusive membership at the $20 or higher Tier levels, in that you will have access to every new course, every download, every podcast, and every video that comes out. The goal is to have at least one major content released each month to make sure you have something of value in return for your support.
Here is a general timeline of happenings at the DFIR Training’s Patreon Page
Case studies-up to one per month, every month. These will be short (15-45minutes), depending on how in-depth the cases are. The cases I pick are only those with publicly available information with legal complaints/affidavits available. News articles don’t always get things right and the affidavits certainly have the facts that have been sworn to be true.
The goal is to get you into thinking like an investigator assigned to a digital crime or crime facilitated by technology, and see how someone else worked the case. Your ideas will be different, but training your mind through case studies is one of the best ways to become a better investigator and analyst.
Software comparisons/reviews – I have a few promises to review specific software, which I will be getting to from January. The reviews are not the kind that you may be expecting. My intention is to take at least two software applications and compare them against each other in specific tasks. For example, ‘mounting images’ is a task that I will pick at least two applications to compare the pros and cons, and then give my personal opinion of the applications.
DFIR BookShare Challenge – It’s a new year for new DFIR books to giveaway! I am waiting on some authors to send me signed copies of their book, and will be reaching out to more authors to ask to join in. As soon as signed books dry up, the challenge will be paused until more books can be collected. As a side note, the DFIR Bookshare is open to the public through dfir.training, as Patreon doesn’t allow for raffles or giveaways..
Book reviews – I have some book reviews to publish that I am doing final edits on. The books are those that have been given away in the DFIR Book Sharing Challenge. Some of the books will have demos posted on Patreon of selected exercises, but all will be posted to Amazon.com, my blogs, and Goodreads.com.
Podcasts – I’ll keep going with the podcasts in the same format to make a single point in a few short minutes, with topics that I think are important to share.
Interviews - Yes, I will start having interviews. And like everything else, I will be doing it a little differently than you see elsewhere (because, why do what everyone else is doing?).
Investigating Windows Systems course – Once the goal of 300 patrons is reached, I will publish a course on Harlan Carvey’s book, Investigating Windows Systems. The course isn’t going to cut and paste from the book, but rather go through some scenarios and exercises to discuss the processes and thoughts that Harlan has written.
**Help reach this goal by spreading the word about DFIR Training’s Patreon page!**
January: I'm shooting for the release of the updated WinFE, plus the ebook that you can download as part of the course (or purchase on Amazon), plus an updated course on building it and using it. This is a new version all together, so it is a bigger undertaking to put together, but well worth it. Those at the $50 tier level will received a signed/printed copy of the book Ultimate DFIR Cheats! Windows Forensic Environment.
February: New course on Geolocation Forensics to be published. I am covering timelines, mapping, automated and manual methods. The course will also include the ebook that you can download as part of the course (or purchase on Amazon). This course is good for both civil and criminal cases where you need to pin a location to an activity to a user-account.
Patrons at the $50 tier level will receive a signed/printed copy of the book Ultimate DFIR Cheats! Geolocation Forensics once it is in print.
March: New evidence collection course. Not a course on file copying or imaging, but the actual collection of physical evidence (hard drives, media, etc…). Mostly to show how to collect (bag and tag) evidence that meets criminal investigation standards, and can be useful in any type of legal matter to prevent losing evidence, mishandling evidence, or having evidence inadmissible due to chain of custody problems. Probably no ebook on this one, but that could change depending on the time I have to write the guide. Forms will be included that you can use for evidence management, chain-of-custody, etc...
April/May: The X-Ways Forensics course will be completely revised from scratch with the then-current version of X-Ways. The current course will remain available, but I am working on creating several mini-XWF courses that teach XWF in a slightly different manner, using publicly available images in case study-type lessons, in a more targeted format.
As far as printed/ebook guides, there is a possibility but I don't want to replicate the XWF book or write a second edition of the XWF book.
At some point during the year, I will also have a Bitcoin (Cryptocurrency) Investigations course along with a downloadable ebook (or again, you can purchase a print copy through Amazon).
For the rest of the year, I want to keep the second part of the year open for new ideas at that will come up, and be open to suggestions as well. As the Tier levels fill up, the new tiers will be increasingly more expensive to join in, so for whichever tier level of support that fits your needs, be sure to keep it rather than having to come back at a higher level.
Happy New Year to all, and my sincere appreciation for your support as DFIR Training members!