More new volatility plugins

If you follow our diary at all, by now, you know I am a big fan of volatility for doing analysis of memory images.  I use it quite a bit in my automated malware analysis environment.*  Well, our friend, Michael Hale Ligh, who brought us the excellent malfind plugin, has released another great plugin, the usermode_hook plugin.  Read his writeup; it is well worth the time.

 

*Shameless plug: Come to SANSFIRE in Baltimore next month and meet many of the handlers, I'll be talking about my automated environment including how I currently use volatility and some of what I still want to do with it.


Jim
