CSI:Internet series - SpyEye detection with Volatility v2 and kernel debugging the TDL4 rootkit
Submitted by frank_boldewin on Tue, 2011-10-04 08:50.
Malware
Just in case you missed my forensic analysis contributions for the CSI:Internet series on h-online.com...
CSI:Internet - A trip into RAM
http://www.h-online.com/security/features/CSI-Internet-A-trip-into-RAM-1339479.html
CSI:Internet - Open heart surgery
http://www.h-online.com/security/features/CSI-Internet-Open-heart-surgery-1350313.html
Enjoy!

Good article, especially the explanation of how to analyze a dump file
the quieter you become, the more you can hear