One of my interests for the last couple of years has been memory analysis, especially for use in malware analysis. I've mentioned the Volatility framework in previous diaries, and I use it for nearly all of my memory analysis of Windows XP systems, but I've recently begun thinking about what tools I need in order to do similar analysis on Mac OS X machines. So, I was thrilled when I saw that Matthieu Suiche (of windd fame) was doing a talk at BlackHat-DC on Mac OS X memory analysis. The slides are now available and can be found here, and the whitepaper here. A pretty nice read.
Jim, ISC Handler, Feb 6th 2010