Memory Forensics with Volatility | HackerSploit Blue Team Series
Volatility is an open-source memory forensics framework used in incident response and malware analysis. In this video, @HackerSploit walks through examples of using Volatility to analyze a memory dump in a Blue Team scenario, from identifying the image profile to recovering hidden processes, executed commands, files, and credential hashes.
1:11 What We Will Be Covering
1:43 Pre Requisites
2:02 Introduction to Volatility
3:31 Learning Resources
4:24 Practical Demo
4:32 What is Volatility?
7:49 Using MemLabs to Simulate a Crash/Compromise
10:05 Install Volatility
10:33 Transfer MemLabs Files to this System
11:39 Install and Extract the MemLabs File
12:15 Open the Dump in Volatility
15:37 Perform KDBG Scan
17:51 Extracting Information
19:29 Identify Hidden Processes
20:31 Investigate What a Process Was Doing
21:59 What Commands Were Being Executed?
23:38 Scan and Extract a File
30:01 Obtain Hashes with Volatility & CyberChef
31:52 Exploring Additional Modules
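As an added example (not code from the video, from HackerSploit, or from the Volatility project): the "Identify Hidden Processes" step is normally done with Volatility 2's psxview plugin, which lists every process together with which of several independent views (the EPROCESS linked list, pool-tag scanning, thread scanning, the PspCid table, csrss handles, session and desktop structures) found it. The script below parses that table and flags processes that are missing from the pslist view but present in another one, which is the signature of a DKOM-style unlink. The column layout is assumed to match Volatility 2.6's psxview output, the dump name and profile in the comment are placeholders, and the sample table is constructed for the example.

```python
"""Spot processes hidden from pslist by cross-checking Volatility 2 psxview output.

Added example, not from the video or the Volatility project. It assumes the
column layout printed by Volatility 2.6's psxview plugin, e.g. from
    vol.py -f memdump.raw --profile=Win7SP1x64 psxview
(the dump file name and profile are placeholders).
"""
import re
from dataclasses import dataclass
from typing import Dict, List, Optional

# Boolean columns in the order psxview prints them.
SOURCES = ["pslist", "psscan", "thrdproc", "pspcid", "csrss", "session", "deskthrd"]

ROW_RE = re.compile(
    r"^(?P<offset>0x[0-9a-fA-F]+)\s+(?P<name>\S.*?)\s+(?P<pid>\d+)\s+"
    + r"\s+".join(rf"(?P<{src}>True|False)" for src in SOURCES)
    + r"(?:\s+(?P<exit>\S.*?))?\s*$"
)


@dataclass
class ProcessRow:
    offset: int
    name: str
    pid: int
    seen: Dict[str, bool]       # which view found the process
    exit_time: Optional[str]    # set when psxview printed an ExitTime


def parse_psxview(text: str) -> List[ProcessRow]:
    """Parse psxview's table; banner, header and separator lines are skipped."""
    rows: List[ProcessRow] = []
    for line in text.splitlines():
        m = ROW_RE.match(line.strip())
        if not m:
            continue
        rows.append(ProcessRow(
            offset=int(m["offset"], 16),
            name=m["name"].strip(),
            pid=int(m["pid"]),
            seen={src: m[src] == "True" for src in SOURCES},
            exit_time=m["exit"] or None,
        ))
    return rows


def hidden_processes(rows: List[ProcessRow]) -> List[ProcessRow]:
    """Processes missing from the EPROCESS list (pslist) that another view
    still finds. Terminated processes are psscan-only by design, so rows with
    an ExitTime are not counted. Only the pslist column is checked: System,
    smss and csrss legitimately show False under csrss/session/deskthrd."""
    return [
        r for r in rows
        if not r.seen["pslist"]
        and r.exit_time is None
        and any(r.seen[src] for src in SOURCES if src != "pslist")
    ]


# Constructed sample modelled on psxview's output format (not a real dump).
# PID 2468 is unlinked from the active process list; PID 3100 has exited,
# which is why only psscan still sees it.
SAMPLE_PSXVIEW = """\
Volatility Foundation Volatility Framework 2.6
Offset(P)          Name                    PID pslist psscan thrdproc pspcid csrss session deskthrd ExitTime
------------------ -------------------- ------ ------ ------ -------- ------ ----- ------- -------- --------
0x000000003e04ad10 System                    4 True   True   True     True   False False   False
0x000000003f2b1b30 explorer.exe           1234 True   True   True     True   True  True    True
0x000000003ea53060 svchost.exe            2468 False  True   True     True   True  True    True
0x000000003e9c6a40 notepad.exe            3100 False  True   False    False  False False   False    2021-04-02 13:37:00 UTC+0000
"""

if __name__ == "__main__":
    for p in hidden_processes(parse_psxview(SAMPLE_PSXVIEW)):
        views = ", ".join(src for src in SOURCES if p.seen[src])
        print(f"HIDDEN: {p.name} (PID {p.pid}) at {p.offset:#x}, seen by: {views}")
```

Run it against real output by piping `vol.py ... psxview` into a file and passing that text to `parse_psxview`. A hit is a lead, not a verdict: follow up with `psscan`, `dlllist -p <pid>` and `procdump -p <pid>` on the flagged PID, as the rest of the video does.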
Check out the Volatility GitHub repo.
Learn more about MemLabs.