OS Analysis with Volatility
In this course, you will learn how to perform OS analysis of volatile memory using the tool volatility, the most advanced memory forensics framework.
What you'll learn
In this course, OS analysis with Volatility, you will cover how to utilize Volatility to identify and detect evidence of suspected compromise such as malicious commands and programs executed on a host computer system. You will learn how to extract the command line history from the volatile memory. You will also learn how to initiate an investigation of malicious programs and how to defend against malicious program execution. When you are finished with the course, you will have the skills and knowledge to aid in mitigating technique T1055 and 1059.
Table of contents
About the author
Tim Coakley is a Senior Security Solutions Architect for a large multi-national organisation and an author at Pluralsight. Tim started a long and successful full-time career in Digital Forensics supporting the criminal justice system and law enforcement on a long list of criminal cases. Parallel to this Tim ran a research and development business creating solutions from design through to support resulting in some unique and niche software not developed anywhere else. Tim now works fully within t... more