MoVP II

Published: 2013-05-23. Last Updated: 2013-05-23 14:00:31 UTC
by Adrien de Beaupre (Version: 1)
1 comment(s)

Volatility is a Python framework for performing memory forensics. If you haven't tried it yet I highly recommend it. The Volatility Month of Volatility Plugins II is on! As announced here: http://volatility-labs.blogspot.ca/2013/05/whats-happening-in-world-of-volatility.html Volatility 2.3 is entering beta and the second MoVP (Month of Volatility Plugins) has started and is actually in their second installment. Some very exciting new stuff:

1.1 - Mach-O Address Space
1.2 - VirtualBox ELF64 Core Dumps
1.3 - VMware Snapshot and Saved State Analysis
1.4 - New HPAK Address Space
1.5 - ARM Address Space (Volatility and Andriod / Mobile)
2.1 - RSA Private Keys and Certificates
2.2 - Unloaded Windows Kernel Modules

Cheers,
Adrien de Beaupré
Intru-shun.ca Inc.
My SANS Teaching Schedule

 

Keywords: memory forensics MoVP II plugins volatility
1 comment(s)

Comments

SANS 508 veterans be aware !

Dom De Vitto

May 23rd 2013
1 decade ago

Login here to join the discussion.


Top of page
Diary Archives