Last Updated: 2010-02-06 00:23:40 UTC
by Jim Clausing (Version: 1)
One of my interests for the last couple of years has been memory analysis especially for use in malware analysis. I've mentioned the volatility framework in previous diaries, and I use it for nearly all of my memory analysis of WindowsXP systems, but I've recently begun thinking about what tools I need in order to do similar analysis on Mac OS X machines. So, I was thrilled when I saw that Matthieu Suiche (of windd fame) was doing a talk at BlackHat-DC on Mac OS X memory analysis. The slides are now available and can be found here, and the whitepaper here. A pretty nice read.
Jim Clausing, jclausing --at-- isc [dot] sans (dot) org
SEC 503: Intrusion Detection In-Depth coming to central OH beginning 22 Feb, http://www.sans.org/mentor/details.php?nid=20864