New Volatility plugins
There isn't a lot of activity on the Internet Storm Center radar at the moment, I suppose it is, as the saying goes, the calm before the storm. While we all wait to hear what sort of new "fun" comes out of Vegas this week from BlackHat/DefCon, I wanted to point out that, last week, Michael Hale Ligh has updated his awesome usermode_hooks and malfind plugins for Volatility that I told you about in May and released 4 additional ones. You can read all about them from the author here. Now I guess I'll need to work a couple more of them into my automated malware analysis platform.
---------------
Jim Clausing, jclausing --at-- isc dot sans dot org
For those of you in (or who know someone in) central Ohio that might be interested, I'll be mentoring SEC 508: Computer Forensics, Investigation, and Response, here this fall, check out www.sans.org/mentor/details.php?nid=19458
LINUX Incident Response and Threat Hunting | Online | Japan Standard Time | Oct 21st - Oct 26th 2024 |
Comments