More new volatility plugins

Published: 2009-05-28
Last Updated: 2009-05-28 16:02:43 UTC
by Jim Clausing (Version: 1)
0 comment(s)

If you follow our diary at all, by now, you know I am a big fan of volatility for doing analysis of memory images.  I use it quit a bit in my automated malware analysis environment.*  Well, our friend, Michael Hale Ligh, who brought us the excellent malfind plugin has released another great plugin, the usermode_hook plugin.  Read his writeup, it is well worth the time.


*Shameless plug: Come to SANSFIRE in Baltimore next month and meet many of the handlers, I'll be talking about my automated environment including how I currently use volatility and some of what I still want to do with it.

0 comment(s)


Diary Archives