OMFW 2012: Analyzing Linux Kernel Rootkits with Volatility
by Volatility | Oct 12, 2012 | kernel, linux, malware, omfw, volatility
This presentation went over a number of the new Linux plugins and showed how to use them when investigating Linux kernel rootkits. All of the plugins and functionality shown are part of the 2.2 Volatility release. Author/Presenter: Andrew Case / @attrc Direct Link:...
OMFW 2012: Reconstructing the MBR and MFT from Memory
by Jamie Levy | Oct 9, 2012 | forensics, omfw, volatility, windows
This presentation introduced two new Volatility plugins, mbrparser and mftparser, which will be released in Volatility 2.3. These plugins empower the investigator to explore possible MBR infections or, in the case of mftparser, files that are in use on the system....
OMFW 2012: Malware In the Windows GUI Subsystem
by Volatility | Oct 8, 2012 | forensics, kernel, malware, omfw, volatility, windows
This presentation introduced Volatility’s new win32k suite – a set of plugins and APIs that make it possible to perform malware analysis and memory forensics based on artifacts in the Windows GUI subsystem. This subsystem plays a part in nearly everything...