Udemy
30-Day Money-Back Guarantee

This course includes:

  • 2 hours on-demand video
  • 5 articles
  • 1 downloadable resource
  • Full lifetime access
  • Access on mobile and TV
SDF: Memory Forensics 1

Learn Windows memory forensics
Rating: 4.5 out of 5 (205 ratings)
1,367 students
Created by Michael Leclair
Last updated 2/2019
English
English [Auto]
What you'll learn

  • Learn how to use Volatility
  • Learn to do a fast-triage compromise assessment
  • Understand plugin output for investigations
  • Learn the value of Windows core processes for exams
Curated for the Udemy for Business collection

Requirements

  • Students need a PC, Mac or Linux system (virtual machine preferred)
  • Willingness to learn!

Description

*** COURSE COMPLETELY REWRITTEN AND UPDATED 2019 ***

Learn to use Volatility to conduct a fast-triage compromise assessment.

A system's memory contains an assortment of valuable forensic data. Memory forensics can uncover evidence of compromise, malware, data spoliation and an assortment of file use and knowledge evidence. These are valuable skills for both incident response triage work and digital forensic exams involving litigation.

This class teaches students how to conduct memory forensics using Volatility.

  • Learn how to do a fast-triage compromise assessment

  • Learn how to work with raw memory images, hibernation files and VM images

  • Learn how to run and interpret plugins

  • Hands-on practicals reinforce learning

  • Learn all of this in about one hour using all freely available tools.

Who this course is for:

  • Computer forensic examiners
  • Computer crime investigators
  • Computer security incident responders
  • Security analysts
  • IT professionals
  • Students

Course content

6 sections • 43 lectures • 1h 45m total length

  • Preview
    00:32
  • Preview
    02:30
  • Class setup
    02:16
  • Setup information
    00:13
  • Class Downloads
    00:06

  • Preview
    00:49
  • Preview
    04:30
  • About Processes
    02:09
  • Process demo
    04:19
  • Volatility overview
    01:52
  • Volatility setup
    01:08
  • Using Volatility
    03:32

  • Preview
    02:06
  • Identifying supported OS
    01:08
  • Supported Memory Formats
    01:22
  • Live captures
    05:36
  • RAM capture fundamentals
    00:07
  • Hiberfil & crash dumps
    02:32
  • Hiberfil & crash dump locations
    00:10
  • Practical: convert hiberfil.sys file
    10:01
  • VM hosts
    02:47

  • Section overview
    00:51
  • Overview of plugins
    01:33
  • Listing plugins
    01:02
  • Imageinfo
    02:38
  • KDBG scan
    01:35
  • OS upgrade issues
    01:42
  • PSLIST
    03:36
  • PSSCAN
    02:58

  • Preview
    00:50
  • Reference Material
    00:00
  • Windows core processes
    07:17
  • Collect running processes
    01:24
  • PSLIST - all WinCore check
    03:47
  • PSLIST - all non-WinCore check
    02:14
  • PSLIST - singleton check
    01:15
  • PSLIST - WinCore boot time check
    01:50
  • PSSCAN - all non WinCore
    06:24
  • PSSCAN - process sort
    03:35
  • Not boot time
    03:44

  • What's next?
    02:52
  • Conclusion
    04:13
  • Thank You!
    00:39

Instructor

Michael Leclair
DFIR Professional
  • 4.5 Instructor Rating
  • 1,111 Reviews
  • 4,831 Students
  • 15 Courses

Over 15 years of Digital Forensic and Incident Response experience; author and developer of computer forensic training and analysis tools. Specialties include: Windows forensics, Mac forensics, iOS forensics, Mac Server forensics & mobile device forensics.

Certifications include: CFCE, CISSP, CCE, EnCE, A+, Network+

Regularly instruct law enforcement, government and corporate investigators both nationally and internationally in computer forensics.

© 2021 Udemy, Inc.