BlackPerl Course – Memory Forensics Masterclass for Incident Responders

Memory forensics is an interesting topic and nowadays a crucial skill that an incident responder needs in order to climb the food chain. This course has been developed from the absolute basics, with hands-on practice for everyone. Memory forensics is an integral part of successful incident response investigations. Over the last year, incident response procedures have grown from investigating single computer images at a time to investigating hundreds of thousands of machines all at once. At the beginning of every investigation, the attacker is way ahead. Incident responders need to find ways to get ahead of the attackers quickly and kick them out of our networks. While a lot of light has been shed on scaling hard drive artifact-based investigations to large numbers of endpoints, memory forensics has been the neglected part of classical forensics for a while.

Syllabus

  1. Introduction
  2. Memory Fundamentals
  3. Windows Acquisition Tools
  4. Windows Memory Leak
  5. Linux Acquisition Tools
  6. MacOS Acquisition Tools
  7. Introduction to Analysis Tools
  8. Introduction to Memory Management
  9. Windows Memory Analysis
  10. Linux Memory Analysis
  11. Memory Injection Techniques
  12. Hunting Malware in Memory
  13. Case Studies
  14. Docker Memory Forensics
  15. Assessment
