Video description
Our connected world today generates unimaginable volumes of data, and sometimes that information can be the key to helping law enforcement and corporate investigators solve crimes or reveal intrusions by hackers into a network. Memory analysis is important for incident responders and for cases in which essential evidence lives only in volatile memory and would be lost when a system is powered off. Fortunately, there are a number of tools that we can use to help with memory analysis.
In this course, entry- to intermediate-level IT professionals as well as law enforcement personnel can learn to use tools like Volatility and Rekall to acquire memory images from Windows, Linux, and macOS systems and examine them for signs of malware and other abnormalities. You’ll see the techniques needed to conduct digital forensic work, such as identifying running processes, and more.
Table of contents
- Introduction
- Memory Analysis With Volatility
- What Is Volatility?
- Getting Image Information
- Getting User Session Information
- Getting System Information
- Process Listings
- Shared Library Listing
- Process Memory Analysis
- Virtual Address Descriptors
- Kernel Modules
- Looking For Drivers
- Network Connections
- Windows Registry Information
- Getting Hashes
- Shell Bag Analysis
- Getting Malware Indicators
- Extracting Processes
- Locating Files In Memory
- Memory Analysis With Rekall
- Conclusion
Product information
- Title: Forensic Analysis of Computer Memory
- Author(s):
- Release date: December 2017
- Publisher(s): O'Reilly Media, Inc.
- ISBN: 9781492029137