Memory Forensics with Volatility | HackerSploit Blue Team Series
Volatility is an open source memory forensics framework for incident response and malware analysis. In this video, @HackerSploit will cover some examples of how to use Volatility in a Blue Team hacking scenario.
Chapters:
0:09 Introduction
1:11 What We Will Be Covering
1:43 Pre Requisites
2:02 Introduction to Volatility
3:31 Learning Resources
4:24 Practical Demo
4:32 What is Volatility?
7:49 Using MemLabs to Simulate a Crash/Compromise
10:05 Install Volatility
10:33 Transfer MemLabs Files to this System
11:39 Install and Extract the MemLabs File
12:15 Open the Dump in Volatility
15:37 Perform KDBG Scan
17:51 Extracting Information
19:29 Identify Hidden Processes
20:31 Investigate What a Process Was Doing
21:59 What Commands Were Being Executed?
23:38 Scan and Extract a File
30:01 Obtain Hashes with Volatility & CyberChef
31:52 Exploring Additional Modules
34:00 Conclusion
New to Linode? Get started here with a $100 credit!
Check out the Volatility Github Repo.
Learn more about MemLabs.
Subscribe to get notified of new episodes as they come out.
#Hackersploit #BlueTeam #Volatility
Product: Cybersecurity, Volatility, hacking; @HackerSploit ;