Volatility and Malware Madness!
Our resident forensics expert, Andrew Case, has been hard at work developing additions to the Volatility memory analysis framework. Over the last few months, he has been making application of these new additions as part of his reverse engineering and malware analysis arsenal and has done some excellent write-ups on the use he’s made of these tools and skills. Since we were excited about them, we thought it would be a great idea to pass them along to you as well.
The first entry he passed along is a detailed breakdown of a Network Forensics challenge he took part in at GrrCon this year. He and the author of the Malware Analyst’s Cookbook, Michael Ligh, used some ingenious techniques to attack this challenge. You can read about it here:
The second entry he shared with us is a detailed breakdown of a 3-day malware analysis marathon he recently did to tear apart and examine a uniquely interesting Linux kernel rootkit. Enjoy:
We’re always interested to hear your comments and thoughts on everything we send your way so please feel free to contact us with anything at email@example.com.
The Hacker Academy Team