Memory Forensics
Running process information: Rogue processes, such as rootkit-based malware, can be detected via memory forensics.
Passwords: Clear-text passwords are easy to find in memory.
Contents of open windows: Crucial information for learning about the user's current state.
Network connection information: Evidence of exfiltration and C2 (command and control) can be found here. Traffic is commonly protected by TLS and similar protocols, and memory is the best place to get the decrypted version of that information.