Volatility Workbench is a graphical user interface (GUI) for the Volatility tool. Volatility is a command line memory analysis and forensics tool...
Heathrow Airport has been fined £120k by the Information Commissioner's Office for serious deficiencies in data protection. The fact arose after...
XenoScan is a memory scanner which can be used to scan the memory of processes to locate the specific locations of important...
CoffeeShot is an evasion framework that injects payload from Java-based programs into designated processes on Microsoft Windows. It assists blue team members...
Among the ten major cyber threats identified by BSI in 2016, the use of portable peripheral devices ranks second. While the same agency suggests engaging...
deepin desktop edition is often preferred by users who love a system that’s easy to use and...
Unicorn is a simple tool for using a PowerShell downgrade attack and injecting shellcode straight into memory. Based on Matthew Graeber’s PowerShell...
The goal of this volatility plugin is to extract a screenshot of all open X windows from a memory dump. Overview The...
The field of computer Forensics Analysis involves identifying, extracting, documenting, and preserving information that is stored or transmitted in electronic or magnetic...
Gnome has been Ubuntu’s default desktop environment for a while. Recently, some Ubuntu 17.10 users have started to observe a memory leak...
Introduction to Memory Leaks In Java Apps One of the core benefits of Java is the JVM, which provides out-of-the-box memory management....
DAMM (Differential Analysis of Malware in Memory) is an open source memory analysis tool built on top of Volatility. It is meant as...
Some work has already been published regarding the subject of cryptographic key security within DRAM. Basically, we need to find something that looks like...
The Volatility Foundation, the non-profit organization behind the Volatility Framework, sponsors the yearly Volatility Plugin Contest to acknowledge the best forensic tools...
A sophisticated Ursnif malware variant uses a manipulated TLS callback anti-analysis technique while injecting the child process to change the entry point....
Row-hammer is a hardware bug that can cause bit-flips in physical RAM. Mark Seaborn and Thomas Dullien were the first to exploit the DRAM row-hammer bug to...
Patch diffing is a common technique of comparing two binary builds of the same code – a known-vulnerable one and one containing...
Memoryze is a free memory forensic software that helps incident responders find evil in live memory. It can acquire and/or analyze memory images...
A post-exploitation PowerShell tool for extracting juicy info from memory. mimikittenz: mimikittenz is a post-exploitation PowerShell tool that utilizes the Windows function...
The heap In this chapter we will look at the heap and malloc in order to answer some of the questions we...
Hackers at the Google Project Zero team have discovered another critical Windows RCE vulnerability, the worst Windows RCE in recent memory. Security...