So if you follow me or Moyix on Twitter, you will have seen some updates about some cool new plugins by MHL for Volatility. Shouts to MHL for his awesome work!
Other Volatility plugins are listed on the Forensics Wiki.
Moyix has also released his slides from his recent talk on combining memory and registry analysis. Awesome stuff!
Volatility was also recently mentioned in Episode 522 of Hak5: Whats in your RAM? along with some other very cool tools like Matthieu Suiche's win32dd.
Volatility has been under heavy development lately and has issued a call for bugs. So if you are currently a user and have encountered something odd, please report it so that it may be fixed. You can do so by sending an email to the developer's listserv. To get the newest code updates, you can download Volatility from the SVN repository by following the instructions on the site. For installation instructions, you can check out the install manual written by yours truly ;-)
Want to learn about memory forensics and the internals of Volatility? Andreas Schuster has posted slides teaching just that!
BTW, Volatile Systems is also currently hiring. So if memory forensics and reverse engineering are among your interests, you can apply for a job that includes both!
It's an exciting time and I'm sure there will be much more to come.