Leaving No Stone Unturned
Offered By: BasisTech via YouTube
Course Description
Overview
Explore advanced memory forensics techniques in this 31-minute conference talk from OSDFCon 2021. Discover how to effectively analyze volatile memory samples, uncover various attack methodologies, and learn practical investigation steps. Delve into topics such as dll loading, code injection, shell code injection, page permissions, and remote library injections. Follow along with a live demo showcasing memory analysis techniques, including the use of Virtual Address Descriptor Trees and Memory Modules. Gain insights from Jamie Levy, a senior researcher and developer with extensive experience in digital forensics, as she emphasizes the critical role of volatile memory in investigations and provides valuable tools for future analyses.
Syllabus
Introduction
About Jamie
Background
dll loading
Code injection
Shell code injection
Page permissions
Remote library injections
How to find remote library injections
Virtual Address Descriptor Tree
Reflective dll Loading
Memory Segments
Bad Tree
Memory
Demo
Memory Module
Memory Sample
How to Start
Timeline
Registry Key
Conclusion
Taught by
BasisTech
Related Courses
Computer SecurityStanford University via Coursera Cryptography II
Stanford University via Coursera Malicious Software and its Underground Economy: Two Sides to Every Story
University of London International Programmes via Coursera Building an Information Risk Management Toolkit
University of Washington via Coursera Introduction to Cybersecurity
National Cybersecurity Institute at Excelsior College via Canvas Network