PaulDotCom mailing list archives
Final Week of Month of Volatility Plugins II is posted
From: Andrew Case <atcuno () gmail com>
Date: Thu, 13 Jun 2013 12:49:30 -0400
We are writing as the final week of the second installment of the Month of Volatility Plugins is now posted. Volatility 2.3 is currently in beta, and the blog posts are focusing on new features in this version. This week's posts discussed a number of new and updated plugins used to analyze Mac systems.

The first post demonstrated leveraging process cross-view analysis for Mac rootkit detection:
http://volatility-labs.blogspot.com/2013/06/movp-ii-41-leveraging-process-cross.html

The second post covered dumping, scanning, and searching process memory:
http://volatility-labs.blogspot.com/2013/06/movp-ii-42-dumping-scanning-and.html

The third post discussed how to recover networking information:
http://volatility-labs.blogspot.com/2013/06/movp-ii-43-recovering-mac-os-x-network.html

The fourth post showed a number of artifacts in Mac kernel memory:
http://volatility-labs.blogspot.com/2013/06/movp-ii-44-whats-in-your-mac-osx-kernel.html

The fifth post analyzed the Rubilyn kernel rootkit and detected it in a number of ways:
http://volatility-labs.blogspot.com/2013/06/movp-ii-45-mac-volatility-vs-rubilyn.html

We hope you have enjoyed this month's posts and will be trying 2.3 when it's released! If you have any questions or comments, please comment on an individual blog post or reply to this email.

Thanks,
Andrew (@attrc)