Memory forensics is itself a complete domain in malware analysis. It is a process to identify the artefacts of malwares into the system after the infection. It is a branch of investigation and allow people to calculate the damage and risk of an malicious event. Check the reference section for additional material.
Session 8 – Practical Reversing Part III – Malware Memory Forensics
- SecurityXploded 4th Quarterly Meetup ... — Here is the quick update and presentations from our recently concluded Fourth ‘SecurityXploded Cyber Security Quarterly Meetup’. In this meet, Subrat Sarkar delivered presentation on “Exposing the secrets of Windows Credential Provider”, Raghav Pande covered the topic on “Defeating Public Exploit Protections(EMET v5.2 and more)”, Amit Malik presented the topic “Return Address – [...]
- SX 4th meetup – Hunting Rootkit... — In this awesome presentation, Monnappa explained the concept of Rootkits, types of Rootkits, Memory Forensics. He demonstrated various stealth techniques used by the TDSS Rootkit and showed how to identify its presence and understand its capabilities and various functionality using memory forensics. Presentation: Video Demo: [...]
- SX 4th Meetup – Exposing the se... — In this awesome presentation, Subrat Sarkar explained the concepts of Windows logon mechanism, Windows Logon architecture, Windows credential provider and showed how an attacker can take advantage of credential provider to steal Windows password in plain text and how to find and mitigate this issue. Presentation: [...]
- SX 4th Meetup -Return Address – The s... — In this awesome presentation, Amit Malik discussed about the importance of return address in solving some of the problems related to analysis and detection of the malicious codes. Presentation: [...]
- SecurityXploded Cyber Security Meetup... — This is an announcement for the upcoming SecurityXploded cyber security community meetup on 23rd May 2015 in Bangalore, India. This meet is completely free and doesn’t require any registration or any other formalities to attend. The meet will start at 10 AM IST. After the meet, we will upload the presentations/videos for our online [...]