Playing in Memory - Examples of User Thievery and Hunting for Malware

via YouTube

Overview

Explore memory forensics techniques and tools in this BSides Detroit 2017 conference talk. Dive into the world of digital investigation as Kyle demonstrates how to acquire and analyze computer memory using tools like SIFT Workstation and Volatility. Learn to identify suspicious processes, detect malware, and uncover user activity through memory artifacts. Discover practical examples of user data theft and malware hunting techniques, including analyzing mail signs, network connections, and browser history. Gain insights into powerful forensic commands and other valuable artifacts that can aid in cybersecurity investigations and incident response.

Syllabus

Intro
Meet Kyle
What is forensics
SIFT Workstation
Acquiring Memory
Capture Memory
Volatility
Memory Profile
View Processes
Mail Signs
CATs
Example
Netscan
Councils
CREP
VirusTotal
Autorun
Browsing History
Commands
Other good artifacts
Admin Verse
Chrome Search Terms
PowerShell
