Comprehensive memory forensic malware analysis
- Speaker: Ricardo J. Rodríguez
- Topic: Digital Forensics and Incident Response (DFIR).
- Content of the workshop:
- Introduction (memory forensics, process forensics, malware, incident response).
- Preliminary concepts (structure of a process on Windows and Linux).
- Phases of malware analysis vs. phases of forensic analysis.
- Collecting information of interest through Volatility.
- Detecting indicators of compromise.
- Development of own analysis tools.
English