Volatility and Malware Madness!
Our resident forensics expert, Andrew Case, has been hard at work developing additions to the Volatility memory analysis framework. Over the last few months, he has been applying these new additions as part of his reverse engineering and malware analysis arsenal and has written some excellent write-ups on how he has used these tools and skills. Since we were excited about them, we thought it would be a great idea to pass them along to you as well.
The first entry he passed along is a detailed breakdown of a Network Forensics challenge he took part in at GrrCon this year. He and the author of the Malware Analyst’s Cookbook, Michael Ligh, used some ingenious techniques to attack this challenge. You can read about it here:
http://volatility-labs.blogspot.com/2012/10/solving-grrcon-network-forensics.html
The second entry he shared with us is a detailed breakdown of a 3-day malware analysis marathon he recently did to tear apart and examine a uniquely interesting Linux kernel rootkit. Enjoy:
http://volatility-labs.blogspot.com/2012/10/phalanx-2-revealed-using-volatility-to.html
We’re always interested to hear your comments and thoughts on everything we send your way, so please feel free to contact us with anything at support@thehackeracademy.com.
Cheers,
The Hacker Academy Team