The Art of Memory Forensics : Detecting Malware and Threats in Windows, Linux, and Mac Memory
Material type: Text
Publication details: Indianapolis : John Wiley & Sons, 2014
Description: xxiii, 886 pages : illustrations
ISBN: 9781118825099
- Detecting Malware and Threats in Windows, Linux, and Mac Memory
- 005.8 LIG/A
Item type | Current library | Call number | Copy number | Status | Date due | Barcode | Item holds
---|---|---|---|---|---|---|---
Reference | IIIT Kottayam Central Library Reference | 005.8 LIG/A | | Not For Loan | | 2169
Books | IIIT Kottayam Central Library General Stacks | 005.8 LIG/A | 1 | Available | | 2170
Books | IIIT Kottayam Central Library General Stacks | 005.8 LIG/A | 2 | Available | | 2171
Books | IIIT Kottayam Central Library General Stacks | 005.8 LIG/A | 3 | Available | | 2172
Books | IIIT Kottayam Central Library General Stacks | 005.8 LIG/A | 4 | Checked out to Jobin Jose (FAC53) | 04/09/2024 | 2173
Includes index.
Machine generated contents note: 1. Systems Overview -- Digital Environment -- PC Architecture -- Operating Systems -- Process Management -- Memory Management -- File System -- I/O Subsystem -- Summary -- 2. Data Structures -- Basic Data Types -- Summary -- 3. The Volatility Framework -- Why Volatility? -- What Volatility Is Not -- Installation -- The Framework -- Using Volatility -- Summary -- 4. Memory Acquisition -- Preserving the Digital Environment -- Software Tools -- Memory Dump Formats -- Converting Memory Dumps -- Volatile Memory on Disk -- Summary -- 5. Windows Objects and Pool Allocations -- Windows Executive Objects -- Pool-Tag Scanning -- Limitations of Pool Scanning -- Big Page Pool -- Pool-Scanning Alternatives -- Summary -- 6. Processes, Handles, and Tokens -- Processes -- Process Tokens -- Privileges -- Process Handles -- Enumerating Handles in Memory -- Summary -- 7. Process Memory Internals -- What's in Process Memory? -- Enumerating Process Memory -- Summary --
Contents note continued: Summary.