Android Memory Capture and Applications for Security and Privacy
Android Memory Capture and Applications for Security and Privacy, University of New Orleans, 2011. Abstract: The Android operating system is quickly becoming the most popular platform for...

Application-Level Memory Forensics for Dalvik
Dalvik is the process Virtual Machine used by Android that powers all non-native applications used on Android devices. Through Dalvik memory analysis, a wealth of insight can be gained into the...

Forensic Analysis of the OS X Spotlight Search Index
Although not yet nearly as widespread as the Windows platform, Mac OS X-based machines are quickly gaining market share, and are now commonly seen in real-world investigations. While some research...

RSA Conference 2013
We’ve just gotten back from RSA Security in San Francisco. The talk went great as it seemed there were a few hundred people in the room. The gist of the presentation was that registry forensics can be...

Android Application (Dalvik) Memory Analysis & The Chuli Malware
Introduction: In this blog post, we will be presenting new functionality that will be incorporated into the next major Volatility release after version 2.3. This functionality allows for deep analysis...

A Framework for Differential Analysis of Malware in RAM
Current analysis methods for images of RAM are limited in that they are designed to analyze a single memory image at a time. When attempting to analyze malware, it is a common technique to spin up a...

Automated Volatility Plugin Generation with Dalvik Inspector
Introduction: In this blog post we will be demonstrating a new feature of the Dalvik Inspector tool, which we are planning on releasing this summer at Black Hat USA. Specifically, we have added...

Forensics Tools – find_times.py
Recently, we had the pleasure to join David Cowen on several episodes of his weekly show Forensic Lunch. In this particular episode on Youtube, we discussed some of our recent research on discovering...

Announcing the BETA release of DAMM
Announcing the BETA release of DAMM, a FOSS memory analysis platform built on top of Volatility. Memory analysis is the new(-ish) big thing in incident response, malware analysis, digital forensics...

Yahoo redirect virus on Mac – what is it all about?
Ever since Internet traffic became an extensively monetizable commodity, bad actors have been focused on intercepting it to generate profit. Unsuspecting users’ devices, including computers and...