Surviving Digital Forensics: Memory Analysis 2
Surviving Digital Forensics: Memory Analysis 2
MP4 | Video: 1280x720 | 60 kbps | 44 KHz | Duration: 1 Hours | 334 MB
Genre: eLearning | Language: English
MP4 | Video: 1280x720 | 60 kbps | 44 KHz | Duration: 1 Hours | 334 MB
Genre: eLearning | Language: English
Learn how to identify suspicious processes running in Windows memory
A system's memory contains an assortment of valuable forensic data. A computer analyst trained in memory forensics can use this data to determine if a system has been infected with malware - a valuable skill for both incident response triage work as well as in digital forensic exams involving litigation.
This class picks up where Memory Analysis 1 left off. It provides you with hands on training working with an infected sample of memory. Learn to identify suspicious processes running in memory by putting a "level 1" triage of Windows memory into action. Using key volatility plugins, this class walks you through the process of the exam.
Learn how to set up and use Volatility on a Windows system
Learn how to parse memory for KDBG signatures
Learn how to run several Volatility Plugins and interpret the findings
Learn how to combine Plugin results to refine your data
Learn how to effectively sift through memory data to quickly identify suspicious files
Hands-on practicals reinforce learning
Learn all of this in about one hour using all freely available tools.
Surviving Digital Forensics: Memory Analysis 2
