Getting Started with Memory Forensics Using Volatility
|
With the increasing sophistication of malware, adversaries, and insider threats, memory forensics is a critical skill that forensic examiners and incident responders should have the ability to perform.
Memory forensics is a critical skill that forensic examiners and incident responders should have the ability to perform. With the increasing sophistication of malware, adversaries, and even insider threats, relying just on dead-box forensics and other security tools without extracting the valuable information located in volatile memory can result in missing out on key artifacts needed for a forensic investigation. In this course, Getting Starting with Memory Forensics Using Volatility, you will gain a foundational knowledge of how to perform memory forensics using the Volatility framework. First, you will learn the background information of Volatility including how to download, configure, and run it. Next, you will explore how to utilize Volatility to perform memory forensics on Linux, macOS, and Windows memory images. Finally, you will go through a real life scenario entailing of a security incident in which we will leverage volatility to perform memory forensics on an image in order to discover what occurred on the victim host. When you’re finished with this course, you will have the skills and knowledge needed to perform memory forensics using Volatility.
Author Name: Collin Montenegro
Author Description:
Collin Montenegro is a Cybersecurity professional who is passionate about all things cybersecurity and IT related! He is based out of Las Vegas, NV where he runs the largest local cybersecurity hacker group named Shad0w Synd1cate. He holds a Master’s degree in Cybersecurity and Information Assurance where his specialties include incident response, forensics, and other facets of the blue team spectrum. You can reach Collin via Instagram (@collinmontenegro), Twitter (@_Unkn0wn1), LinkedIn, or hi… more
Table of Contents
- Course Overview
1min - Getting Started with Volatility
17mins - Memory Profile Creation and Command-line Basics for Linux
13mins - Memory Profile Creation and Command-line Basics for macOS
12mins - Command-line Basics for Windows: Image Identification & Process Listing
12mins - Command-line Basics for Windows: Networking & Registry
5mins - Command-line Basics for Windows: Other Useful Commands
7mins - Tying It All Together
11mins
User Reviews
Be the first to review “Getting Started with Memory Forensics Using Volatility”
Related Products
Pluralsight LIVE 2018: Get Your Geek On (Security)
Safeguard your organization from threats by leveling up your security know-how.
Maintaining Deployment Security in Microsoft Azure
This course identifies the resources, tools, and methods needed to maintain the security of your deployed resources in Azure.
Using Microsoft Azure Security Tools to Protect AI Solutions
As more and more systems are automated with the use of AI, securing AI solutions is of paramount importance. In this course, you will explore the various facilities Azure offers to secure Azure machine service learning solutions.
Security Management: A Case Study
Security management encompasses a number of verticals, dealing with the day to day, developing programs, maintaining compliance and managing risk. This course covers what's important when starting up a cyber-security initiative.
Building and Leading an Effective Threat Modeling Program
If you've seen the benefits of threat modeling in action and want to take this popular security approach to the next level, then this course will teach you how to plan, execute, and manage a threat modeling program at scale within your organization.
Basic Security Concepts for Cisco Networks
The CCNA exam requires an understanding of basic security for networking. This course will review password policies, AAA, DHCP snooping, and Dynamic ARP inspection.
There are no reviews yet.