SDF: Memory Forensics 2
SDF: Memory Forensics 2
Genre: eLearning | MP4 | Video: h264, 1280x720 | Audio: aac, 48000 Hz
Language: English | VTT | Size: 1.45 GB | Duration: 2.5 hours
Genre: eLearning | MP4 | Video: h264, 1280x720 | Audio: aac, 48000 Hz
Language: English | VTT | Size: 1.45 GB | Duration: 2.5 hours
Learn Windows memory forensics
What you'll learn
Learn how to use Volatility
Learn to do a fast-triage malware compromise assessment
Understand plugin output for investigations
Learn a valuable triage methodology
Learn how to create a Volatility script
Requirements
Students need PC, Mac or Linux system (virtual machine preferred)
Willingness to learn!
Description
Learn to script Volatility and conduct a malware compromise assessment.
This class provides you with hands on training working with a memory image in order to find evidence of compromise. Step-by-step the course teaches students how to automate memory forensic processing as well as how to interpret the findings. By the end of the course students will have an efficient forensic tool and methodology that may be used for any windows memory forensic exam.
This class teaches students how to conduct memory forensics using Volatility.
Learn how to use & combine plugin results to identify malware
Learn how to create a script to automate running plugins and post-processing data refinement
Learn how to run and interpret plugins
Hands-on practicals reinforce learning
Learn all of this in about one hour using all freely available tools.
Who this course is for
Computer Forensic Examiners
IT professionals
Students
Computer crime investigators
Security analysts
Incident Response Analysts