Getting Started with Memory Forensics Using Volatility

Focused View

Collin Montenegro

1:21:27

42 View

01 - Course Overview

01 - Course Overview.mp4

01:34

02 - Getting Started with Volatility

02 - Introduction to Volatility.mp4

06:04

03 - Volatility Website and GitHub Page Walkthrough.mp4

04:29

04 - Volatility Standalone and Source Code Versions (Download and Installation).mp4

06:24

05 - Whats Next.mp4

00:37

03 - Volatility Command-line Basics for Linux

06 - Learning Volatility Memory Profile Creation and Command-line Basics for Linux.mp4

04:38

07 - Volatility Command-line Basics for Linux & linux netstat.mp4

02:47

08 - Volatility Process Listing Commands for Linux.mp4

02:56

09 - Recovering Bash History Using linux bash.mp4

01:08

10 - Recap.mp4

01:36

04 - Volatility Command-line Basics for macOS

11 - Volatility Memory Profile Creation for macOS.mp4

03:53

12 - Volatility Command-line Basics for macOS & mac get profile.mp4

02:33

13 - Volatility Process Listing Commands for macOS.mp4

03:58

14 - Recap.mp4

01:53

05 - Profiling and Process Listing (Windows)

15 - Volatility Command-line Basics for Windows & Image Identification Commands.mp4

05:14

16 - Volatility Process Listing Commands for Windows.mp4

02:54

17 - Supplemental Process Commands for Windows.mp4

02:39

18 - Recap.mp4

02:03

06 - Extracting Network and Registry Data (Windows)

19 - Networking & Registry Overview.mp4

02:29

20 - Volatility Registry Commands for Windows.mp4

02:33

21 - Recap.mp4

00:55

07 - Extracting Other Useful Artifacts (Windows)

22 - Other Useful Command Overview.mp4

02:20

23 - Using Volatility to List PE Version Information.mp4

01:20

24 - Using Volatility to List Windows Services.mp4

00:55

25 - Using Volatility to Dump a Process Executable.mp4

01:30

26 - Recap.mp4

00:56

08 - Tying It All Together

27 - Memory Forensics Investigation Scenario.mp4

06:56

28 - Recap & Where To Go From Here.mp4

04:13

Description

With the increasing sophistication of malware, adversaries, and insider threats, memory forensics is a critical skill that forensic examiners and incident responders should have the ability to perform.

What You'll Learn?

Memory forensics is a critical skill that forensic examiners and incident responders should have the ability to perform. With the increasing sophistication of malware, adversaries, and even insider threats, relying just on dead-box forensics and other security tools without extracting the valuable information located in volatile memory can result in missing out on key artifacts needed for a forensic investigation. In this course, Getting Starting with Memory Forensics Using Volatility, you will gain a foundational knowledge of how to perform memory forensics using the Volatility framework. First, you will learn the background information of Volatility including how to download, configure, and run it. Next, you will explore how to utilize Volatility to perform memory forensics on Linux, macOS, and Windows memory images. Finally, you will go through a real life scenario entailing of a security incident in which we will leverage volatility to perform memory forensics on an image in order to discover what occurred on the victim host. When you're finished with this course, you will have the skills and knowledge needed to perform memory forensics using Volatility.

More details

User Reviews

Rating

average 0

Total votes0

Focused display

Computer Forensics

Collin Montenegro

Instructor's Courses

Collin Montenegro is a Cybersecurity professional who is passionate about all things cybersecurity and IT related! He is based out of Las Vegas, NV where he runs the largest local cybersecurity hacker group named Shad0w Synd1cate. He holds a Master's degree in Cybersecurity and Information Assurance where his specialties include incident response, forensics, and other facets of the blue team spectrum. You can reach Collin via Instagram (@collinmontenegro), Twitter (@_Unkn0wn1), LinkedIn, or his blog thecybersector.com.

Pluralsight

View courses Pluralsight

Pluralsight, LLC is an American privately held online education company that offers a variety of video training courses for software developers, IT administrators, and creative professionals through its website. Founded in 2004 by Aaron Skonnard, Keith Brown, Fritz Onion, and Bill Williams, the company has its headquarters in Farmington, Utah. As of July 2018, it uses more than 1,400 subject-matter experts as authors, and offers more than 7,000 courses in its catalog. Since first moving its courses online in 2007, the company has expanded, developing a full enterprise platform, and adding skills assessment modules.