Threat Level: green Handler on Duty: Brad Duncan

SANS ISC: MoVP II - SANS Internet Storm Center SANS ISC InfoSec Forums

Watch ISC TV. Great for NOCs, SOCs and Living Rooms:

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Volatility is a Python framework for performing memory forensics. If you haven't tried it yet I highly recommend it. The Volatility Month of Volatility Plugins II is on! As announced here: Volatility 2.3 is entering beta and the second MoVP (Month of Volatility Plugins) has started and is actually in their second installment. Some very exciting new stuff:

1.1 - Mach-O Address Space
1.2 - VirtualBox ELF64 Core Dumps
1.3 - VMware Snapshot and Saved State Analysis
1.4 - New HPAK Address Space
1.5 - ARM Address Space (Volatility and Andriod / Mobile)
2.1 - RSA Private Keys and Certificates
2.2 - Unloaded Windows Kernel Modules

Adrien de Beaupré Inc.
My SANS Teaching Schedule


Adrien de Beaupre

353 Posts
ISC Handler
May 23rd 2013
SANS 508 veterans be aware !

Sign Up for Free or Log In to start participating in the conversation!