The Art of Memory Forensics : Detecting Malware and Threats in Windows, Linux, and Mac Memory

Ligh, Michael Hale.

The Art of Memory Forensics : Detecting Malware and Threats in Windows, Linux, and Mac Memory - Indianapolis : John Wiley & Sons, 2014 - xxiii, 886 pages : illustrations

Includes index.

Machine generated contents note: 1. Systems Overview -- Digital Environment -- PC Architecture -- Operating Systems -- Process Management -- Memory Management -- File System -- I/O Subsystem -- Summary -- 2. Data Structures -- Basic Data Types -- Summary -- 3. The Volatility Framework -- Why Volatility? -- What Volatility Is Not -- Installation -- The Framework -- Using Volatility -- Summary -- 4. Memory Acquisition -- Preserving the Digital Environment -- Software Tools -- Memory Dump Formats -- Converting Memory Dumps -- Volatile Memory on Disk -- Summary -- 5. Windows Objects and Pool Allocations -- Windows Executive Objects -- Pool-Tag Scanning -- Limitations of Pool Scanning -- Big Page Pool -- Pool-Scanning Alternatives -- Summary -- 6. Processes, Handles, and Tokens -- Processes -- Process Tokens -- Privileges -- Process Handles -- Enumerating Handles in Memory -- Summary -- 7. Process Memory Internals -- What's in Process Memory? -- Enumerating Process Memory -- Summary -- Contents note continued: Summary.

9781118825099


Malware (Computer software)
Computer security.
Computer networks
Computer crimes.
Data storage.

005.8 / LIG/A