Hey all, Black Hat is doing their monthly free webinar tomorrow, this time on live memory forensics. Here is the info for anyone who is interested!
Free Black Hat Webcast - Blue Screen of the Death is Dead
Speaker - Matthieu Suiche
Date: Thursday, October 29, 2009
Time: 1:00 pm PT/4:00 pm ET
Registration Link: https://www2.gotomeeting.com/register/544746170
Physical memory is definitely a goldmine of information and its analysis is part of several games including troubleshooting, forensics investigation, etc. In this webcast Matthieu is going to introduce his x64/x86 Windows physical memory acquisition utility called windd (also known as win32dd or win64dd), to explain why using Microsoft Crash Dump file format is more efficient than a common raw dump under a Windows machine for forensics analysis.
---
Yes, we're using GoToMeeting. It's one of the only companies where you don't have to install or run their tool as an administrator on Windows. I run it as a normal user and it works fine.