The (5th Annual) 2017 Volatility Plugin Contest is Live!
by Volatility | Apr 20, 2017 | contest, forensics, linux, macosx, volatility, volatility foundation
Its that time again, folks! The 2017 Volatility Plugin contest is now live and accepting submissions until October 1st, 2017. Winners of this year’s contest will be receiving over $2,250 in cash prizes as well as plenty of Volatility swag...Malware and Memory Forensics 2017 Schedule (Now with Linux, Mac, and Surge Collect Pro)
by Volatility | Aug 10, 2016 | artofmemoryforensics, linux, macosx, surge, training, volatility, windows
Our most popular training course just got even better! We’re happy to announce the curriculum for Malware and Memory Forensics by The Volatility Project now includes the following: Linux and Mac OS X memory analysis Windows memory acquisition with Volexity Surge...Results from the 2015 Volatility Plugin Contest are in!
by Volatility | Oct 29, 2015 | contest, forensics, linux, malware, volatility, volatility foundation, windows
The competition this year was fierce! We received 12 plugins to the contest. Similar to last year, ranking the submissions was one of the hardest things we’ve had to do. Each plugin is unique in its own way and introduces a capability to open source memory...Volatility Updates Summer 2015
by Volatility | Aug 25, 2015 | arsenal, blackhat, linux, macosx, training, volatility foundation, windows
Summer 2015 has been quite a busy time for the memory forensics community. We wanted to write a quick update to talk about some recent events and research as well as upcoming news. Conferences Black Hat Vegas 2015 We wanted to again thank everyone who came out and...Using mprotect(.., .., PROT_NONE) on Linux
by Jamie Levy | May 15, 2015 | linux, page permissions, volatility
After deciding to revisit some old code of mine (ok, very old), I realized that there was something different about how Linux was allocating pages of data I wanted to hide. At first, I was glad that I couldn’t see the data using yarascan, but...
You must be logged in to post a comment.