Linux Memory Analysis with Volatility- 101, Compromised Linux System
BlackPerl
18.1K subscribers
5,496 views
112

 Published On Jun 24, 2022

Linux memory analysis is a well-known and well-researched topic. You're likely familiar with many tools that let us capture memory from a Windows system, but have you ever wondered about the memory capture process for a Linux system, and how to analyze the result using Volatility? Wait no longer, because that's exactly what we cover in this episode! I will show you the easiest way to capture memory from a Linux system and how to prepare Volatility to parse that memory dump and extract valuable information during a forensic investigation.

In today's episode I show you from scratch how to analyze the memory of an infected Linux machine: the basic steps, the basic plugins, how they differ from Windows, and how to pivot from one analysis to the next.

👉 Watch this episode: • Linux Memory Capture and Analysis - V... for the creation of a Linux kernel profile for Volatility.

WATCH the playlists below as well, if you want to build your career in DFIR and Security Operations!
-------------------------------------------------------------------------------------------------------------------------
INCIDENT RESPONSE TRAINING Full Course 👉   • BlackPerl DFIR  || INCIDENT RESPONSE ...  
DFIR Free Tools and Techniques 👉    • BlackPerl DFIR || DFIR Tools and Tech...  
Windows and Memory Forensics 👉    • BlackPerl DFIR || Windows and Memory ...  
Malware Analysis 👉    • BlackPerl DFIR || Malware Analysis Se...  
SIEM Tutorial 👉    • BlackPerl DFIR || Learn SIEM with me ...  
Threat Hunt & Threat Intelligence 👉    • BlackPerl DFIR || Threat Hunt & Threa...  
Threat Hunt with Jupyter Notebook👉    • Threat Hunt with Jupyter Notebook  

📞📲
FOLLOW ME EVERYWHERE-
-------------------------------------------------------------------------------------------------------------------------
✔ LinkedIn:   / blackperl  
✔ You can reach out to me personally on LinkedIn as well: https://bit.ly/38ze4L5
✔ Twitter: @blackperl_dfir
✔ Git: https://github.com/archanchoudhury
✔ Insta: (blackperl_dfir)  / blackperl_dfir  
✔ Can be reached via [email protected]

🙏 Credit-
-------------------------------------------------------------------------------------------------------------------------
The sample memory image and this episode are influenced by the CTF prepared by 2phi and Nofix on the CyberDefenders platform. Huge shout-out to the team for preparing this challenge. You can practice and complete the challenge here: https://cyberdefenders.org/blueteam-c...
The answers must be obtained by yourself; none of them are provided in this episode!
