• GitHub
  • Contact
The Volatility Foundation - Promoting Accessible Memory Analysis Tools Within the Memory Forensics Community
  • The Volatility Framework
  • Training
  • Events
  • FAQ
  • Contest
  • About
  • Blog
Select Page

MoVP 1.1 Logon Sessions, Processes, and Images

by Volatility | Sep 10, 2012 | forensics, kernel, movp, rdp, volatility, windows

Month of Volatility Plugins  Attackers like to log on. They specifically like logging on remotely with RDP. Whenever these actions occur, the Windows kernel creates a new session, which is basically a container for processes and objects (like window stations and...

MoVP 1.1 Logon Sessions, Processes, and Images

by Volatility | Sep 10, 2012 | forensics, kernel, movp, rdp, volatility, windows

Month of Volatility Plugins  Attackers like to log on. They specifically like logging on remotely with RDP. Whenever these actions occur, the Windows kernel creates a new session, which is basically a container for processes and objects (like window stations and...

Volatility Blog Archive

2026

  • + March (1)

2025

  • + July (1)
  • + May (2)
  • + March (1)

2024

  • + August (1)
  • + July (1)
  • + March (1)

2023

  • + August (1)
  • + July (1)
  • + June (1)
  • + March (1)
  • + February (1)
  • + January (1)

2022

  • + July (1)
  • + February (1)
  • + January (1)

2021

  • + October (1)
  • + August (1)
  • + May (1)
  • + January (1)

2020

  • + November (1)
  • + May (2)

2019

  • + November (1)
  • + October (2)
  • + July (1)
  • + June (1)

2018

  • + November (2)
  • + May (1)
  • + February (1)

2017

  • + November (1)
  • + June (1)
  • + April (1)

2016

  • + December (2)
  • + September (1)
  • + August (2)
  • + July (1)
  • + April (3)

2015

  • + November (2)
  • + October (1)
  • + August (2)
  • + July (2)
  • + June (1)
  • + May (1)
  • + March (1)
  • + February (1)
  • + January (1)

2014

  • + December (1)
  • + October (3)
  • + September (5)
  • + August (6)
  • + July (2)
  • + May (1)
  • + April (2)
  • + February (2)
  • + January (5)

2013

  • + October (3)
  • + September (2)
  • + August (1)
  • + June (9)
  • + May (15)
  • + April (2)
  • + March (2)
  • + February (1)
  • + January (4)

2012

  • + December (2)
  • + November (1)
  • + October (14)
  • + September (19)
bluesky logo
    bluesky logo
    bluesky logo
    bluesky logo
    bluesky logo

    All Content © The Volatility Foundation, a 501(c)(3) Nonprofit Organization.

    All Content © The Volatility Foundation, a 501(c)(3) Nonprofit Organization.

     

    Loading Comments...
     

    You must be logged in to post a comment.