Home page logo

pauldotcom logo PaulDotCom mailing list archives

Third Week of Month of Volatility Plugins II is posted
From: Andrew Case <atcuno () gmail com>
Date: Tue, 4 Jun 2013 22:35:01 -0500

We are writing as the third week of the second installment of the
Month of Volatility Plugins is now posted. Volatility 2.3 is currently
in beta, and the blog posts are focusing on new features in this
version. This week's posts discussed a number of new and updated
plugins used to analyze Linux and Android systems.

The first post covered two new methods to detect kernel-level keyloggers:


The second post covered using Python and Yara to help with Linux &
Android memory analysis:


The third post discussed the updated and now automated bash history scanner:


The fourth post discussed checking the ARM (Android) system call table
and exception vector table for signs of rootkits:


The fifth post discussed utilizing the kmem_cache on Android systems:


We hope you enjoy the posts, and the fourth and final week of posts
will begin tomorrow and cover a number of new plugins to help analyze
Mac samples.

If you have any questions or comments please comment on an individual
blog post or reply to this email.

Andrew (@attrc)
Pauldotcom mailing list
Pauldotcom () mail pauldotcom com
Main Web Site: http://pauldotcom.com

  By Date           By Thread  

Current thread:
  • Third Week of Month of Volatility Plugins II is posted Andrew Case (Jun 06)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]