Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: InfoSec Handlers Diary Blog - Memory Analysis - time to move beyond XP InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Memory Analysis - time to move beyond XP

Published: 2010-02-05
Last Updated: 2010-02-06 00:23:40 UTC
by Jim Clausing (Version: 1)
0 comment(s)

One of my interests for the last couple of years has been memory analysis especially for use in malware analysis.  I've mentioned the volatility framework in previous diaries, and I use it for nearly all of my memory analysis of WindowsXP systems, but I've recently begun thinking about what tools I need in order to do similar analysis on Mac OS X machines.  So, I was thrilled when I saw that Matthieu Suiche (of windd fame) was doing a talk at BlackHat-DC on Mac OS X memory analysis.  The slides are now available and can be found here, and the whitepaper here.  A pretty nice read.

---------------
Jim Clausing, jclausing --at-- isc [dot] sans (dot) org

SEC 503: Intrusion Detection In-Depth coming to central OH beginning 22 Feb, http://www.sans.org/mentor/details.php?nid=20864

Keywords: BlackHatDC Mac OSX
0 comment(s)
Diary Archives