Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: Memory Analysis - time to move beyond XP - SANS Internet Storm Center SANS ISC InfoSec Forums

Watch ISC TV. Great for NOCs, SOCs and Living Rooms:

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Memory Analysis - time to move beyond XP

One of my interests for the last couple of years has been memory analysis especially for use in malware analysis.  I've mentioned the volatility framework in previous diaries, and I use it for nearly all of my memory analysis of WindowsXP systems, but I've recently begun thinking about what tools I need in order to do similar analysis on Mac OS X machines.  So, I was thrilled when I saw that Matthieu Suiche (of windd fame) was doing a talk at BlackHat-DC on Mac OS X memory analysis.  The slides are now available and can be found here, and the whitepaper here.  A pretty nice read.

Jim Clausing, jclausing --at-- isc [dot] sans (dot) org

SEC 503: Intrusion Detection In-Depth coming to central OH beginning 22 Feb,

I will be teaching next: Reverse-Engineering Malware: Malware Analysis Tools and Techniques - SANS DFIR Summit & Training 2022


423 Posts
ISC Handler
Feb 6th 2010

Sign Up for Free or Log In to start participating in the conversation!