
Posts Tagged ‘windows memory forensics’

2017-09-07

Practical Memory Forensics

The YouTube user Black Hat shared a short video, ‘Preview: A Practical Approach to Malware Analysis and Memory Forensics’.

 

2017-03-06

Gargoyle and Memory Forensics

Gargoyle is a way of hiding all of a program's executable code in non-executable memory. It is implemented only for 32-bit Windows (32-bit code running on 64-bit Windows through Windows on Windows also works). Performing live memory analysis can be a very expensive operation, as you may know if you use Windows Defender. Gargoyle shows that limiting analysis to executable code pages only, a method for reducing the computational load, is a risky approach. Through the use of Windows asynchronous procedure calls, read/write-only memory can be used as executable memory to perform certain tasks.

 

2017-02-15

Memory Forensics with Vshot and Remnux

Today we will talk about memory analysis with the help of plugins from the Vshot script. Samuel Alonso gives a list of plugins:

 

2016-11-14

Use the Graphical User Interface for Volatility Framework

Several digital investigators dislike using the command line. Volatility Framework is the best tool for memory forensics. Waqas Ahmad developed a graphical user interface for Volatility Framework.
