Volatility Memory Analysis Article Featured in eForensics Magazine

eForensics April 2013

Check out this month’s issue of eForenics Magazine for my article on Memory Analysis using Volatility 2.2 and DumpIt!

“Analyzing system memory for artifacts is a technique used by forensic analysts, security specialists and those that analyze malware.

In this article we will cover how to obtain a complete copy of system memory from a computer using the easy to use program “DumpIt”. We will then take this memory dump and analyze it with the popular memory analysis tool “Volatility”.

With Volatility, you can pull a list of what software was installed on a system, what processes were running, what network connections were active, and a whole lot more.

We will look at all of this and even see how to pull password hashes from a memory dump. Lastly we will try our hand at analyzing a memory image infected with a sample of Stuxnet.”

The magazine also includes:

  • Cold Boot Memory Forensics by Alexander Sverdlov
  • MALWARE FORENSICS & ZEUS by Mikel Gastesi ,  Jozef Zsolnai & Nahim Fazal
  • Establishing a Center for Digital Forensics Investigative Services on the Cloud by Dr. Rocky Termanini
  • Digital Continuity of Government Records by Dr. Stilianos Vidalis
  • And more!

Check it out! (Subscription Required)

~ by D. Dieterle on April 2, 2013.

One Response to “Volatility Memory Analysis Article Featured in eForensics Magazine”

  1. Reblogged this on lava kafle kathmandu nepal.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

 
%d bloggers like this: