» » Getting Started with Memory Forensics Using Volatility | Pluralsight

 

Getting Started with Memory Forensics Using Volatility | Pluralsight

Author: turkensai on 2-11-2019, 18:36, views: 212

0

Getting Started with Memory Forensics Using Volatility | Pluralsight

Getting Started with Memory Forensics Using Volatility | Pluralsight | 242.35 MB

With the increasing sophistication of malware, adversaries, and insider threats, memory forensics is a critical skill that forensic examiners and incident responders should have the ability to perform.

Memory forensics is a critical skill that forensic examiners and incident responders should have the ability to perform. With the increasing sophistication of malware, adversaries, and even insider threats, relying just on dead-box forensics and other security tools without extracting the valuable information located in volatile memory can result in missing out on key artifacts needed for a forensic investigation. In this course, Getting Starting with Memory Forensics Using Volatility, you will gain a foundational knowledge of how to perform memory forensics using the Volatility framework. First, you will learn the background information of Volatility including how to download, configure, and run it. Next, you will explore how to utilize Volatility to perform memory forensics on Linux, macOS, and Windows memory images. Finally, you will go through a real life scenario entailing of a security incident in which we will leverage volatility to perform memory forensics on an image in order to discover what occurred on the victim host. When you’re finished with this course, you will have the skills and knowledge needed to perform memory forensics using Volatility.

Download link:




Links are Interchangeable - Single Extraction - Premium is support resumable

Category: Magazine

Dear visitor, you are browsing our website as Guest.
We strongly recommend you to register and login to view hidden contents.

Add comments

Your Name:*
E-Mail:
Comment:
Security Code: *
Click on the image to refresh the code if it cannot be viewed
 
Themes: