Article: Finding Evil in Windows 10 Compressed Memory, Part Three: Automating Undocumented Structure Extraction - published almost 5 years ago. Content: This is the final post in the three-part series: Finding Evil in Windows 10 Compressed Memory. In the first post (Volatility and Rekall Tools), the FLARE team introduced updates to both memory forensic toolkits. These updates enabled these open source tools to analyze previously inaccessible compressed data in memory. This research was shared... https://www.fireeye.com/blog/threat-research/2019/08/finding-evil-in-windows-ten-compressed-memory-part-three.html Published: 2019 08 08 20:45:00 Received: 2022 05 23 16:06:46 Feed: FireEye Blog Source: FireEye Blog Category: Cyber Security Topic: Cyber Security
Article: Finding Evil in Windows 10 Compressed Memory, Part Two: Virtual Store Deep Dive - published almost 5 years ago. Content: Introduction This blog post is the second in a three-part series covering our Windows 10 memory forensics research and it coincides with our BlackHat USA 2019 presentation. In Part One of the series, we covered the integration of the research in both Volatility and Rekall memory forensics tools. We demonstrated that forensic artifacts (including... https://www.fireeye.com/blog/threat-research/2019/08/finding-evil-in-windows-ten-compressed-memory-part-two.html Published: 2019 08 08 20:30:00 Received: 2022 05 23 16:06:46 Feed: FireEye Blog Source: FireEye Blog Category: Cyber Security Topic: Cyber Security