I've been playing around with the script I created in the previous blog post and I'm starting to think that there is some real potential in a web interface for Volatility. So I've made some improvements to the script to make it more functional.
So we're up for the second blog post; it took me almost a year to get another one out. But as always, I try to focus on quality over quantity ;-). Again, the object of my affection is Volatility, an amazingly flexible tool to perform memory analysis. For this sample I've used Volatility 2.2, but this will probably work on other versions as well.
When I use Volatility I'm always amazed by the amount of forensic information that is available just from memory. Volatility comes with a large number of plugins that make it very easy to get that information out of a memory image without extensive knowledge of how memory is actually organized.