PLU | Getting Started With Windows Memory Forensics (2019 EN)

Discussion in 'Information Technology' started by Kanka, Nov 26, 2019.

  1. Kanka


    Company: Pluralsight
    Author: Corey Charles
    Full Title: Getting Started With Windows Memory Forensics
    Year: 2019
    Language: English
    Genre: Educational: Security
    Skill Level: Beginner
    Files: MP4 (+ Slides .PDF)
    Time: 00:52:36
    Video: AVC, 1024 x 768 (1.333) at 30.000 fps, 150 kbps
    Audio: AAC at 96 Kbps, 2 channels, 48.0 KHz



    By learning how to capture computer memory and profile its contents, you'll add an invaluable resource to your incident response, malware analysis, and digital forensics capabilities.

    Companies protect themselves with digital defenses such as firewalls, encryption, and signature/heuristic scanning. Additionally, nations plan attacks by targeting power grids, infiltrating military data centers, and stealing trade secrets from both public and private sectors. In this course, Getting Started with Windows Memory Forensics, you will gain the ability to examine the different compartments of the Windows operating system to discover abnormal or malicious behavior. First, you will learn how to examine process memory. Next, you will discover how to identify malicious network connections. Finally, you will explore how to detect code injection and perform memory extraction and analysis. When you are finished with this course, you will have the skills and knowledge of Windows Memory Forensics needed to examine the different compartments of the Windows operating system to discover abnormal or malicious behavior.


    Lessons:
    1. Course Overview
    01. Course Overview
    2. Allocating Windows Objects and Pool
    02. Collecting Volatile Data
    03. Systems Overview
    04. Data Structures
    05. The Volatility Framework
    3. Processing Memory Internals
    06. Memory Acquisition
    07. Preserving the Digital Environment
    08. The Risk of Acquisition
    09. Atomicity
    10. Physical and Virtual Memory
    11. Local Acquisition
    12. Remote Acquisition
    13. Runtime Interrogation
    4. Hunting Malware in Process Memory
    14. Hunting Malware in Process Memory
    15. Process Environment Block
    16. Data Structures
    17. Finding Text on Notepad's Heap
    18. Environment Variables
    19. Attacks on Environment Variables
    20. Standard Handles
    21. DLL
    22. How DLLs Are Loaded
    23. PE Files
    24. Code Injection
    5. Course Wrap Up
    25. Course Wrap Up
    26. Processing Memory Internals Wrap Up
    27. Hunting Malware in Process Memory Wrap Up

