We (the Volatility team) have published three videos showing off new features in the recently released Volatility 2.4 version. These videos were originally shown at Black Hat Arsenal this past summer.
The first video shows how to locate and extract rootkit components from process and kernel memory and then gather context for IDA: http://www.youtube.com/watch?v=LVJ5mpZZdY4 The second shows how to uncover a number of artifacts of OS X user activity: http://www.youtube.com/watch?v=1pZkNRdjWHQ The last shows how to defeat True Crypt no matter how the user configures the volumes or settings: http://www.youtube.com/watch?v=A2d2OFGSnKU If you have any questions or comments then please let us know. -- Thanks, Andrew (@attrc) _______________________________________________ Dailydave mailing list [email protected] https://lists.immunityinc.com/mailman/listinfo/dailydave
