Introduction to Windows Memory Analysisby Chad Tilbury via SANS Digital Forensics

Memory forensics has come a long way in just a few years. It can be extraordinarily effective at finding evidence of worms, rootkits, and advanced malware. While traditionally the sole domain of Windows internals experts, recent tools now make memory analysis feasible for anyone. Better interfaces, documentation, and built-in detection heuristics have greatly leveled the playing field. This talk will introduce some of the newest free tools available and give you a head start in adding this valuable skill to your security toolkit.

Published 20 March 2015