My next class:
LINUX Incident Response and Threat Hunting | Online | US Eastern | Jan 29th - Feb 3rd 2025

Memory Analysis - time to move beyond XP

Published: 2010-02-05. Last Updated: 2010-02-06 00:23:40 UTC
by Jim Clausing (Version: 1)

One of my interests for the last couple of years has been memory analysis, especially for use in malware analysis. I've mentioned the Volatility framework in previous diaries, and I use it for nearly all of my memory analysis of Windows XP systems, but I've recently begun thinking about what tools I need in order to do similar analysis on Mac OS X machines. So, I was thrilled when I saw that Matthieu Suiche (of windd fame) was doing a talk at BlackHat-DC on Mac OS X memory analysis. The slides are now available and can be found here, and the whitepaper here. A pretty nice read.

---------------
Jim Clausing, jclausing --at-- isc [dot] sans (dot) org

SEC 503: Intrusion Detection In-Depth coming to central OH beginning 22 Feb, http://www.sans.org/mentor/details.php?nid=20864

Keywords: BlackHatDC Mac OSX