PaulDotCom mailing list archives

Final Week of Month of Volatility Plugins II is posted


From: Andrew Case <atcuno () gmail com>
Date: Thu, 13 Jun 2013 12:49:30 -0400

We are writing as the final week of the second installment of the
Month of Volatility Plugins is now posted. Volatility 2.3 is currently
in beta, and the blog posts are focusing on new features in this
version. This week's posts discussed a number of new and updated
plugins used to analyze Mac systems.

The first post demonstrated leveraging process cross-view analysis for
Mac rootkit detection:

http://volatility-labs.blogspot.com/2013/06/movp-ii-41-leveraging-process-cross.html

The second post covered dumping, scanning, and searching process memory:

http://volatility-labs.blogspot.com/2013/06/movp-ii-42-dumping-scanning-and.html

The third post discussed how to recover networking information:

http://volatility-labs.blogspot.com/2013/06/movp-ii-43-recovering-mac-os-x-network.html

The fourth post showed a number of artifacts in Mac kernel memory:

http://volatility-labs.blogspot.com/2013/06/movp-ii-44-whats-in-your-mac-osx-kernel.html

The fifth post analyzed the Rubilyn kernel rootkit and detected it in
a number of ways:

http://volatility-labs.blogspot.com/2013/06/movp-ii-45-mac-volatility-vs-rubilyn.html

We hope you have enjoyed this month's posts and will be trying 2.3
when it's released!

If you have any questions or comments please comment on an individual
blog post or reply to this email.

Thanks,
Andrew (@attrc)