Building “Muscle Memory” with Rekall Memory Forensic Framework - Alissa Torres (BSides Augusta 2015) (Hacking Illustrated Series InfoSec Tutorial Videos)

Building “Muscle Memory” with Rekall Memory Forensic Framework
Alissa Torres

Are you the Incident Response "Super Hero" in your organization? Add another IR superpower star to your cape by attending a “How to” on effectively wielding the Rekall Memory Forensic Framework to slice through live or captured system memory. Alissa, co-author of the SANS FOR526 "Memory Forensics In-Depth" course, will demo the newest capabilities of this bleeding-edge analysis tool. You have heard about how simple Rekall is to use! And there are new capabilities that the Rekall development team has recently added. Grab the page file while acquiring physical memory using Rekall’s winpmem and parse the memory of virtualized machines from a host memory image. Grab a memory image (or use ours) and play along!

Copyright 2016, IronGeek