Leveraging CybOX with Volatility
by Jamie Levy | Sep 5, 2013 | cybox, forensics, malware, volatility
Lately I’ve been playing around with Cyber Observable eXpression, CybOX, and created a plugin to help check for threat indicators in memory samples. In case you don’t know, CybOX provides a vendor neutral format for expressing indicator information. As of...Results are in for the 1st Annual Volatility Framework Plugin Contest!
by Volatility | Aug 21, 2013 | contest, forensics, linux, macosx, malware, windows
We are excited to announce the results of the 1st Annual Volatility Plugin Contest. We were pleasantly surprised with 8 submissions to the contest. Each submission provides an exciting new capability to the memory analysis community or demonstrates the power of...Memory Forensics Training – Reston, VA – November 2013
by Volatility | Jun 25, 2013 | forensics, malware, training, volatility, windows
The next journey to the center of Windows Memory Forensics starts in Reston, VA this November! This event will be the 5th public offering of the Windows Malware and Memory Forensics Training by The Volatility Project. This is the only memory forensics course...The Perfect Combination of IR, Malware, Forensics, and Winternals
by Volatility | Jun 20, 2013 | forensics, malware, training, volatility, windows
Our Windows Malware and Memory Forensics training course has been described as the “…perfect combination of incident response, malware analysis, memory forensics, and Windows internals.” As you can see below, we do in fact disseminate quite a bit of...MOVP II – 4.5 – Mac Volatility vs the Rubilyn Kernel Rootkit
by Volatility | Jun 11, 2013 | forensics, kernel, macosx, malware, movp, volatility
In our final Month of Volatility Plugins post, we are going to demonstrate a number of plugins that can be used to detect kernel level OS X rootkits. To show these capabilities I am going to analyze a system that is infected with the rubilyn rootkit. I want to thank...
You must be logged in to post a comment.