WEBCAST: Windows Memory Forensics

John Strand //

In the last webcast we covered initial Windows Live Forensics (see the recording here), in this one we play with memory from a compromised system. We cover the tools to dump memory from a system and some of the basic tools to look at the memory of a system which may be compromised.

(Apparently we didn’t pray hard enough to the demo gods and there are a few snafus but… hey, we’re real people too!)

Want the slides? Check out www.tinyurl.com/504extra2

Want to level up your skills and learn more straight from John himself?
You can check out his classes below!

SOC Core Skills

Active Defense & Cyber Deception

Getting Started in Security with BHIS and MITRE ATT&CK

Introduction to Pentesting

Available live/virtual and on-demand