Presentation is loading. Please wait.

Presentation is loading. Please wait.

Deeper research never hurts! Check out the following links: Our tools:  Tools - Benjamin Delpy

Published byRosalyn Henderson Modified over 9 years ago

Similar presentations

Presentation on theme: "Deeper research never hurts! Check out the following links: Our tools:  Tools - Benjamin Delpy"— Presentation transcript:

1

2

3 Deeper research never hurts!

4

5 Check out the following links: Our tools: http://cqure.pl  Tools http://www.gentilkiwi.com/ - Benjamin Delpy http://code.google.com/p/volatility

6

7

8 Memory dumps contain personal information, but… how personal?

9 Memory Forensics grabs the data at the lowest level: (most) malware cannot hide!

10

11

12 Processes Threads Modules Handles Registry Apihooks Services UserAssist Shellbags ShimCache Event Logs Registry (again) Timeline

13

14

15

16

17

18 Memoryze: Live analysis

19

20

21

22

23

24

25

26

27 www.microsoft.com/learning http://developer.microsoft.com http://microsoft.com/technet http://channel9.msdn.com/Events/TechEd

28

29

30

31

32

Download ppt "Deeper research never hurts! Check out the following links: Our tools:  Tools - Benjamin Delpy"

Similar presentations

Malware Artifacts.

Malware Artifacts.
Defense Against the Dark Arts Defense Against The Dark Arts Christiaan Beek IntelSecurity / McAfee Labs.

Defense Against the Dark Arts Defense Against The Dark Arts Christiaan Beek IntelSecurity / McAfee Labs.
Guide to Computer Forensics and Investigations1 Network Forensics Overview Network forensics –Systematic tracking of incoming and outgoing traffic To ascertain.

Guide to Computer Forensics and Investigations1 Network Forensics Overview Network forensics –Systematic tracking of incoming and outgoing traffic To ascertain.
With great power…comes great responsibility

With great power…comes great responsibility
How to Detect a Memory Leak By Using System Performance Monitor in Windows 2000.

How to Detect a Memory Leak By Using System Performance Monitor in Windows 2000.
THE ART AND METHODOLOGY OF TROUBLESHOOTING Alexey Diomin,

THE ART AND METHODOLOGY OF TROUBLESHOOTING Alexey Diomin,
Introduction to InfoSec – Recitation 13 Nir Krakowski (nirkrako at post.tau.ac.il) Itamar Gilad (itamargi at post.tau.ac.il)

Introduction to InfoSec – Recitation 13 Nir Krakowski (nirkrako at post.tau.ac.il) Itamar Gilad (itamargi at post.tau.ac.il)
Deeper research never hurts!

Deeper research never hurts!
COMP205 Comparative Programming Languages Part 1: Introduction to programming languages Lecture 3: Managing and reducing complexity, program processing.

COMP205 Comparative Programming Languages Part 1: Introduction to programming languages Lecture 3: Managing and reducing complexity, program processing.
Guide to Computer Forensics and Investigations Third Edition Chapter 11 Network Forensics.

Guide to Computer Forensics and Investigations Third Edition Chapter 11 Network Forensics.
Tess Ferrandez ASP.NET Escalation Engineer Microsoft Session Code: WIA402.

Tess Ferrandez ASP.NET Escalation Engineer Microsoft Session Code: WIA402.
2 Debugging Performance Issues, Memory Issues and Crashes in.net Applications Tess Ferrandez - Norlander Support Escalation Engineer Microsoft Session.

2 Debugging Performance Issues, Memory Issues and Crashes in.net Applications Tess Ferrandez - Norlander Support Escalation Engineer Microsoft Session.
Forensic Artifacts From A Pass The Hash (PtH) Attack

Forensic Artifacts From A Pass The Hash (PtH) Attack
Www.SecurityXploded.com. Disclaimer The Content, Demonstration, Source Code and Programs presented here is AS IS without any warranty or conditions.

Disclaimer The Content, Demonstration, Source Code and Programs presented here is "AS IS" without any warranty or conditions.
Ch 6. Performance Rating Windows 7 adjusts itself to match the ability of the hardware –Aero Theme v. Windows Basic –Gaming features –TV recording –Video.

Ch 6. Performance Rating Windows 7 adjusts itself to match the ability of the hardware –Aero Theme v. Windows Basic –Gaming features –TV recording –Video.
/

/
Have your say We want to make sure postgraduate students have the best possible experience. To do that we need to know what you think, if we are doing.

Have your say We want to make sure postgraduate students have the best possible experience. To do that we need to know what you think, if we are doing.
5. Windows System Artifacts Part 1. Topics Deleted data Hibernation Files Registry.

5. Windows System Artifacts Part 1. Topics Deleted data Hibernation Files Registry.
Ether: Malware Analysis via Hardware Virtualization Extensions Author: Artem Dinaburg, Paul Royal, Monirul Sharif, Wenke Lee Presenter: Yi Yang Presenter:

Ether: Malware Analysis via Hardware Virtualization Extensions Author: Artem Dinaburg, Paul Royal, Monirul Sharif, Wenke Lee Presenter: Yi Yang Presenter:
Sept 2009 Web Services Team / ISAS / DMU What does this cover? 1. myDMU information portal 2.Blackboard a web learning system 3. e-mail DMU Google mail.

Sept 2009 Web Services Team / ISAS / DMU What does this cover? 1. myDMU information portal 2.Blackboard a web learning system 3. DMU Google mail.

Similar presentations

Ads by Google