- This week we are learning about memory forensics!
- Memory forensics involves analysing memory dumps from computers to find information about how the computer has been used
- This may be done by looking at files, logs, processes, etc.
- Our tool of choice for today!
- Open source memory dump analysis framework
- Provides lots of tools for pulling information and data about a computer from the memory dump
- Make and/or activate your venv: `python3 -m venv venv && . venv/bin/activate`
- Install using pip or build from GitHub
- Memory forensics challenges from ctf.afnom.net
  - Grimace's Sauce and Password
- Volatility Labs on cyberdefenders.org