Threat Hunting: Memory Analysis with Volatility
- Published: 9 Jun 2017
- Volatility is one of the best open-source tools for analyzing RAM images from 32-bit and 64-bit systems. It supports analysis of Linux, Windows, macOS, and Android memory, is written in Python, and runs on Windows, Linux, and macOS. It can analyze raw dumps, crash dumps, VMware dumps (.vmem), VirtualBox dumps, and many other formats. In this meetup recording, we used the Volatility Framework to analyze memory dumps.
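The description above says only that Volatility was used to analyze memory dumps. The hunting technique the talk's title points at, comparing what the kernel's process list says against what a scan of physical memory finds, is shown here as an added example that is not code from the presentation or from the Volatility project. It assumes the text output of `vol.py -f dc.memory --profile=<profile> pslist` and `... psscan` in Volatility 2's column layout (the profile is not given on the page); the two listings embedded in the script are constructed samples, not rows from a real image, and `hidden.exe` and the expected-parent table are illustrative assumptions.

```python
"""Hunt for hidden and oddly parented processes in Volatility 2 listings.

Added example, not code from the talk or the Volatility project. Assumes the
text output of `vol.py -f dc.memory --profile=<profile> pslist` and `psscan`;
the listings below are constructed samples, not rows from a real image.
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class Proc:
    name: str
    pid: int
    ppid: int
    exited: bool = False


# Constructed `pslist` output: walks the kernel's _EPROCESS linked list, so a
# process unlinked from that list by a rootkit (DKOM) is simply absent here.
PSLIST = """\
Offset(V)          Name                    PID   PPID   Thds     Hnds   Sess  Wow64 Start                          Exit
------------------ -------------------- ------ ------ ------ -------- ------ ------ ------------------------------ ------------------------------
0xfffffa8001b8d060 wininit.exe             372    316      3       76      0      0 2017-06-09 08:00:03 UTC+0000
0xfffffa8001bd2b30 services.exe            468    372      8      210      0      0 2017-06-09 08:00:04 UTC+0000
0xfffffa8001be1b30 lsass.exe               476    372     10      600      0      0 2017-06-09 08:00:04 UTC+0000
0xfffffa8001c0a060 svchost.exe             596    468     12      350      0      0 2017-06-09 08:00:05 UTC+0000
0xfffffa8002103b30 explorer.exe           1840   1812     28      900      1      0 2017-06-09 08:05:10 UTC+0000
0xfffffa8002231b30 lsass.exe              2044   1840      3       80      1      0 2017-06-09 09:12:44 UTC+0000
"""

# Constructed `psscan` output: carves _EPROCESS pool allocations out of physical
# memory, so it also finds unlinked processes and recently exited ones.
PSSCAN = """\
Offset(P)          Name                PID   PPID PDB                Time created                   Time exited
------------------ ---------------- ------ ------ ------------------ ------------------------------ ------------------------------
0x000000003f18d060 wininit.exe         372    316 0x000000003a2c1000 2017-06-09 08:00:03 UTC+0000
0x000000003f1d2b30 services.exe        468    372 0x0000000039d45000 2017-06-09 08:00:04 UTC+0000
0x000000003f1e1b30 lsass.exe           476    372 0x0000000039b11000 2017-06-09 08:00:04 UTC+0000
0x000000003f20a060 svchost.exe         596    468 0x00000000388f2000 2017-06-09 08:00:05 UTC+0000
0x000000003f503b30 explorer.exe       1840   1812 0x000000002f6d4000 2017-06-09 08:05:10 UTC+0000
0x000000003f631b30 lsass.exe          2044   1840 0x000000001e0c8000 2017-06-09 09:12:44 UTC+0000
0x000000003f4f1b30 hidden.exe         1337    596 0x000000001f3a2000 2017-06-09 09:15:02 UTC+0000
0x000000003f5c2060 taskeng.exe        1900    596 0x000000002a41b000 2017-06-09 09:00:00 UTC+0000   2017-06-09 09:01:00 UTC+0000
"""

# Parent each core Windows process is expected to have (illustrative table,
# names lower-cased for comparison; extend it for your own baseline).
EXPECTED_PARENT = {"services.exe": "wininit.exe", "lsass.exe": "wininit.exe",
                   "svchost.exe": "services.exe", "csrss.exe": "smss.exe"}
# Processes of which a healthy system runs exactly one instance.
SINGLETONS = ("wininit.exe", "services.exe", "lsass.exe")


def _rows(text):
    """Yield whitespace-split data rows, skipping header and separator lines."""
    for line in text.splitlines():
        fields = line.split()
        if fields and fields[0].startswith("0x"):
            yield fields


def parse_pslist(text):
    """pslist columns: Offset(V) Name PID PPID Thds Hnds Sess Wow64 Start Exit."""
    return {int(f[2]): Proc(f[1], int(f[2]), int(f[3])) for f in _rows(text)}


def parse_psscan(text):
    """psscan columns: Offset(P) Name PID PPID PDB 'Time created' ['Time exited'].

    Each timestamp is three tokens (date, time, 'UTC+0000'), so a row with
    eleven or more fields carries an exit time and belongs to a dead process.
    """
    return {int(f[2]): Proc(f[1], int(f[2]), int(f[3]), exited=len(f) >= 11)
            for f in _rows(text)}


def hunt(pslist_text, psscan_text):
    """Return the pslist-vs-psscan hunting findings as lists of tuples."""
    listed, scanned = parse_pslist(pslist_text), parse_psscan(psscan_text)
    found = {"hidden": [], "bad_parent": [], "duplicate": []}
    # 1. Live in psscan but missing from pslist: an unlinked (hidden) process.
    for pid, p in scanned.items():
        if not p.exited and pid not in listed:
            found["hidden"].append((p.name, pid))
    # 2. Wrong parent, e.g. an "lsass.exe" launched from explorer.exe.
    #    Parents that have already exited are skipped rather than flagged.
    for p in listed.values():
        parent = listed.get(p.ppid)
        expected = EXPECTED_PARENT.get(p.name.lower())
        if expected and parent and parent.name.lower() != expected:
            found["bad_parent"].append((p.name, p.pid, parent.name, p.ppid))
    # 3. More than one instance of a process that should be unique.
    for name in SINGLETONS:
        n = sum(1 for p in listed.values() if p.name.lower() == name)
        if n > 1:
            found["duplicate"].append((name, n))
    return found


if __name__ == "__main__":
    for kind, items in hunt(PSLIST, PSSCAN).items():
        print(kind, items)
```

On the constructed sample the script reports `hidden.exe` (present in `psscan`, absent from `pslist`), the second `lsass.exe` whose parent is `explorer.exe` in session 1, and the fact that `lsass.exe` appears twice; the exited `taskeng.exe` is not reported, since `psscan` recovering terminated processes is normal. Matching on PID is a simplification: PIDs are reused, so on a real image confirm a hit by comparing the process name, creation time and offset as well.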
Science
Hi Candan, this is a very good presentation!
Love your vids always, man.
Many thanks, Sir. Could you please re-provide the presentation, samples and those commands you have tried, as the link has expired?
I have one question: how do we know that the admin is responsible for the attack?
My teacher, how can I find deleted files, or what is the location?
How did he get the dc.memory image? With which software?
From his lab. Just go to your AD controller and use FTK or whatever software to do it.
20:56 and you'll hear Russians lol. They'll listen to anything, and I mean anything, till they get intel.