Playing in Memory - Examples of User Thievery and Hunting for Malware
Offered By: YouTube
Course Description
Overview
Explore memory forensics techniques and tools in this BSides Detroit 2017 conference talk. Dive into the world of digital investigation as Kyle demonstrates how to acquire and analyze computer memory using tools like SIFT Workstation and Volatility. Learn to identify suspicious processes, detect malware, and uncover user activity through memory artifacts. Discover practical examples of user data theft and malware hunting techniques, including analyzing mail signs, network connections, and browser history. Gain insights into powerful forensic commands and other valuable artifacts that can aid in cybersecurity investigations and incident response.
Syllabus
Intro
Meet Kyle
What is forensics
SIFT Workstation
Acquiring Memory
Capture Memory
Volatility
Memory Profile
View Processes
Mail Signs
CATs
Example
Netscan
Councils
CREP
VirusTotal
Autorun
Browsing History
Commands
Other good artifacts
Admin Verse
Chrome Search Terms
PowerShell