Interaction

Interaction

Interaction

  Contributions  

Memory Forensics

 

Memory Forensics or memory analysis is the forensic analysis of the computer's memory.  Memory forensics provides insights into network connections, executed files or commands, and runtime system activity. To execute any program, it must be first loaded on the memory, which makes it critical for forensic to identify attacks [1].

Contents

Selected Syllabi

  • Memory Forensics, CFRS 780 – 001 - Spring 2016; George Mason University [link]
  • CSCI 597 – Digital Forensics Texas A&M University Commerce [link]
  • COMP 8990 - Advanced Digital Forensics, MISSISSIPPI STATE UNIVERSITY [link]
  • NETW236 - Computer Forensics and Investigation, Brookdale Community College [link]

Tools

Below are some of the popular tools used in memory forensic:

Learning Resources

YouTube Videos

  • Introduction to Memory Forensics [Playlist]: link
  • Investigating Malware Using Memory Forensics - A Practical Approach [Black Hat]: link
  • SANS memory Forenisc [playlists]: Windows   Linux

Books

  • The Art of Memory Forensics: Detecting Malware and Threats in Windows, Linux, and Mac Memory; Michael Hale Ligh, Andrew Case, Jamie Levy, Aaron Walters
  • Digital Forensics; André Årnes
  • Computer Forensics with FTK; Fernando Carbone
  • Practical Malware Analysis: The Hands-On Guide to Dissecting Malicious Software; Andrew Honig and Michael Sikorski

Online Courses

  • Coursera Penetration Testing, Incident Response and Forensics: [link]
  • SANS FOR526: Advanced Memory Forensics & Threat Detection:  [link]
  • Volatility Labs, Memory and Malware Forensics: [link]
  • InfoSec Memory Forensics [link]

References

[1] ALL YOU NEED TO KNOW ABOUT MEMORY FORENSICS – IDENTIFYING POTENTIAL VOLATILE DATA
Panel title
Lorem Ipsum Dolorestitas
Percipit Mnesarchum Molestie Phaedrum Luptatum constituam Habeo adipisci Inani zril Forensibus sea Habeo adipisci Minimum corrumpit Regione suscipit Has et partem Percipit Mnesarchum Molestie Phaedrum Luptatum constituam Habeo adipisci Inani zril Vel nisl albucius Habeo adipisci Minimum corrumpit Regione suscipit Percipit maiestatis Regione suscipit Percipit maiestatis
Subtitle
Minimum corrumpit Regione suscipit Has et partem
This page was last edited on 29.07.2017 | Template by HTML5 Templates
Privacy policy About Terms and conditions Cookie statement Developers