-
-
Recent Posts
-
Categories
- Academia (21)
- Android (1)
- Anti-Forensics (2)
- AntiX (4)
- Apache/Tomcat (8)
- Arabnix (6)
- BackTrack (5)
- Books (17)
- C5W (1)
- Challenges (5)
- Companies (16)
- Conferences (1)
- Cyber 5W (2)
- Database (23)
- Development (31)
- DFIR (14)
- Exploitation (8)
- File Systems (1)
- Firewalls (20)
- Footprinting (14)
- Forensics (22)
- Fun (28)
- GNU/Linux (101)
- HDFS (1)
- IDS/IPS (4)
- Investigations (13)
- Kernel (24)
- Life (161)
- Linux Security (68)
- Linux Services (37)
- Malware (9)
- Memory (1)
- Metasploit (6)
- Mobile (3)
- Networks (44)
- News (75)
- OSINT (6)
- Patch Management (5)
- PCI Compliance (8)
- PenTest (52)
- Poems (9)
- PortKnocking (10)
- Privacy (4)
- Publications (12)
- Real Madrid (17)
- Research (6)
- Security (84)
- Snippets (33)
- Social Engineering (4)
- Software/Tools (53)
- Sport (78)
- ThreatHunting (4)
- Unix (12)
- Virtualization (27)
- Vulnerability (7)
- Web Security (12)
- Webapp (4)
- WHM/Cpanel (6)
- Windows (19)
- Workshops (2)
- z0ne (16)
Archives
Tag Archives: memory forensics
Memory Forensics – RansomCare Investigation Case 1
In this case you are required analyze a memory dump of a Windows 10 system that has been hit with RansomCare. E01 for the Memory Dump could be found: here Find RansomCare’s code, dump it. and explain what happened to … Continue reading
Posted in Anti-Forensics, Challenges, Cyber 5W, DFIR, Forensics, Investigations, Malware
Tagged anti-forensics, Case Study, Challenge, DFIR, Investigation, Malware, memory forensics, RansomCare, Ransomware
Comments Off on Memory Forensics – RansomCare Investigation Case 1
Acquiring Linux Memory using AVML and Using it with Volatility
This is another quick post going over the process to acquire memory from a Linux system, but instead of using LiME, I’m going to use AVML which stands for Acquire Volatile Memory for Linux, and could be found here. The … Continue reading
Posted in DFIR, Forensics, Memory, Software/Tools
Tagged Acquiring, avml, Forensics, LiME, Linux, memory forensics, Profile, Volatility
Comments Off on Acquiring Linux Memory using AVML and Using it with Volatility
