Practical memory forensics: jumpstart effective forensic analysis of volatile memory
A practical guide to enhancing your digital investigations with cutting-edge memory forensics techniques Key Features Explore memory forensics, one of the vital branches of digital investigation Learn the art of user activities reconstruction and malware detection using volatile memory Get acquainte...
Saved in:
Main authors: | Ostrovskaya, Svetlana; Skulkin, Oleg |
---|---|
Format: | Electronic E-Book |
Language: | English |
Published: | Birmingham ; Mumbai : Packt Publishing, Limited, 2022 |
Edition: | First published |
Subjects: | Malware (Computer software); Computer security; Computer networks; Application software; Computer Security; Computer Communication Networks; Logiciels malveillants; Sécurité informatique; Réseaux d'ordinateurs; Logiciels d'application; Electronic books |
Online access: | DE-Aug4 DE-573 DE-706 Full text |
Summary: | A practical guide to enhancing your digital investigations with cutting-edge memory forensics techniques.
Key Features: Explore memory forensics, one of the vital branches of digital investigation. Learn the art of user activity reconstruction and malware detection using volatile memory. Get acquainted with a range of open-source tools and techniques for memory forensics.
Book Description: Memory forensics is a powerful analysis technique that can be used in different areas, from incident response to malware analysis. With memory forensics, you can not only gain key insights into the user's context but also look for unique traces of malware and, in some cases, piece together the puzzle of a sophisticated targeted attack. Starting with an introduction to memory forensics, this book will gradually take you through more modern concepts of hunting and investigating advanced malware using free tools and memory analysis frameworks. This book takes a practical approach and uses memory images from real incidents to help you gain a better understanding of the subject and develop the skills required to investigate and respond to malware-related incidents and complex targeted attacks. You'll cover Windows, Linux, and macOS internals and explore techniques and tools to detect, investigate, and hunt threats using memory forensics. Equipped with this knowledge, you'll be able to create and analyze memory dumps on your own, examine user activity, detect traces of fileless and memory-based malware, and reconstruct the actions taken by threat actors. By the end of this book, you'll be well-versed in memory forensics and have gained hands-on experience of using various tools associated with it.
What you will learn: Understand the fundamental concepts of memory organization; discover how to perform a forensic investigation of random access memory; create full memory dumps as well as dumps of individual processes in Windows, Linux, and macOS; analyze hibernation files, swap files, and crash dumps; apply various methods to analyze user activities; use multiple approaches to search for traces of malicious activity; reconstruct threat actor tactics and techniques using random access memory analysis.
Who this book is for: This book is for incident responders, digital forensic specialists, cybersecurity analysts, system administrators, malware analysts, students, and curious security professionals new to this field and interested in learning memory forensics. A basic understanding of malware and how it works is expected. Although not mandatory, knowledge of operating system internals will be helpful. For those new to this field, the book covers all the necessary concepts. |
Description: | Description based upon print version of record |
Description: | 1 online resource (xvi, 286 pages), illustrations |
ISBN: | 9781801079549 1801079544 |
Internal format
MARC
Tag | Ind1 | Ind2 | Content
---|---|---|---
LEADER | | | 00000nam a22000001c 4500
001 | | | BV048292641
003 | | | DE-604
005 | | | 20250113
007 | | | cr\|uuu---uuuuu
008 | | | 220621s2022 xx a\|\|\| o\|\|\|\| 00\|\|\| eng d
020 | | | $a 9781801079549 $c Online $9 978-1-80107-954-9
020 | | | $a 1801079544 $9 1-80107-954-4
035 | | | $a (ZDB-221-PCL)978-1-80107-954-9
035 | | | $a (OCoLC)1334023931
035 | | | $a (DE-599)KEP077854055
040 | | | $a DE-604 $b ger $e rda
041 | 0 | | $a eng
049 | | | $a DE-706 $a DE-573 $a DE-Aug4
082 | 0 | | $a 005.8 $2 23
084 | | | $a ST 276 $0 (DE-625)143642: $2 rvk
100 | 1 | | $a Ostrovskaya, Svetlana $e Verfasser $4 aut
245 | 1 | 0 | $a Practical memory forensics $b jumpstart effective forensic analysis of volatile memory $c Svetlana Ostrovskaya, Oleg Skulkin
250 | | | $a First published
264 | | 1 | $a Birmingham ; Mumbai $b Packt Publishing, Limited $c 2022
300 | | | $a 1 Online-Ressource (xvi, 286 Seiten) $b Illustrationen
336 | | | $b txt $2 rdacontent
337 | | | $b c $2 rdamedia
338 | | | $b cr $2 rdacarrier
500 | | | $a Description based upon print version of record
520 | 3 | | $a A practical guide to enhancing your digital investigations with cutting-edge memory forensics techniques Key Features Explore memory forensics, one of the vital branches of digital investigation Learn the art of user activities reconstruction and malware detection using volatile memory Get acquainted with a range of open-source tools and techniques for memory forensics Book Description Memory Forensics is a powerful analysis technique that can be used in different areas, from incident response to malware analysis. With memory forensics, you can not only gain key insights into the user's context but also look for unique traces of malware, in some cases, to piece together the puzzle of a sophisticated targeted attack. Starting with an introduction to memory forensics, this book will gradually take you through more modern concepts of hunting and investigating advanced malware using free tools and memory analysis frameworks.
520 | 3 | | $a This book takes a practical approach and uses memory images from real incidents to help you gain a better understanding of the subject and develop the skills required to investigate and respond to malware-related incidents and complex targeted attacks. You'll cover Windows, Linux, and macOS internals and explore techniques and tools to detect, investigate, and hunt threats using memory forensics. Equipped with this knowledge, you'll be able to create and analyze memory dumps on your own, examine user activity, detect traces of fileless and memory-based malware, and reconstruct the actions taken by threat actors. By the end of this book, you'll be well-versed in memory forensics and have gained hands-on experience of using various tools associated with it.
520 | 3 | | $a What you will learn Understand the fundamental concepts of memory organization Discover how to perform a forensic investigation of random access memory Create full memory dumps as well as dumps of individual processes in Windows, Linux, and macOS Analyze hibernation files, swap files, and crash dumps Apply various methods to analyze user activities Use multiple approaches to search for traces of malicious activity Reconstruct threat actor tactics and techniques using random access memory analysis Who this book is for This book is for incident responders, digital forensic specialists, cybersecurity analysts, system administrators, malware analysts, students, and curious security professionals new to this field and interested in learning memory forensics. A basic understanding of malware and its working is expected. Although not mandatory, knowledge of operating systems internals will be helpful. For those new to this field, the book covers all the necessary concepts
653 | | 0 | $a Malware (Computer software)
653 | | 0 | $a Computer security
653 | | 0 | $a Computer networks
653 | | 0 | $a Application software
653 | | 0 | $a Computer Security
653 | | 0 | $a Computer Communication Networks
653 | | 0 | $a Logiciels malveillants
653 | | 0 | $a Sécurité informatique
653 | | 0 | $a Réseaux d'ordinateurs
653 | | 0 | $a Logiciels d'application
653 | | 0 | $a Application software
653 | | 0 | $a Computer networks
653 | | 0 | $a Computer security
653 | | 0 | $a Malware (Computer software)
653 | | 0 | $a Electronic books
700 | 1 | | $a Skulkin, Oleg $e Verfasser $0 (DE-588)1159933545 $4 aut
776 | 0 | 8 | $i Erscheint auch als $n Druck-Ausgabe $z 9781801070331
856 | 4 | 0 | $u https://portal.igpublish.com/iglibrary/search/PACKT0006177.html $x Verlag $z URL des Erstveröffentlichers $3 Volltext
912 | | | $a ZDB-30-ORH
912 | | | $a ZDB-30-PQE
912 | | | $a ZDB-221-PCL
912 | | | $a ZDB-221-PCR
912 | | | $a ZDB-221-PPK
943 | 1 | | $a oai:aleph.bib-bvb.de:BVB01-033672595
966 | e | | $u https://portal.igpublish.com/iglibrary/search/PACKT0006177.html $l DE-Aug4 $p ZDB-221-PPK $q FHA_PDA_PPK_Kauf $x Verlag $3 Volltext
966 | e | | $u https://portal.igpublish.com/iglibrary/search/PACKT0006177.html $l DE-573 $p ZDB-221-PCL $x Verlag $3 Volltext
966 | e | | $u https://portal.igpublish.com/iglibrary/search/PACKT0006177.html $l DE-706 $p ZDB-221-PCL $x Verlag $3 Volltext