Vol-dev January 2013

vol-dev@lists.volatilityfoundation.org

2 participants
3 discussions

Announcing the First Annual Volatility Framework Plugin Contest

by Andrew Case

Hello All, We were writing to announce the first annual Volatility framework plugin writing contest: http://volatility-labs.blogspot.com/2013/01/the-1st-annual-volatility-frame… This contest is modeled after the well-known Hex-Rays plugin contest, and we hope to attract the same level of high-quality submissions as seen in the IDA contests. To the winners we offer a variety of cash prizes, recognition, and a chance to speak at our yearly conference. If you have any questions or comments please contact me directly or use the contact information listed in the blog post. Thanks, Andrew

11 years, 10 months

Announcing the next public offering of malware and memory forensics training by Volatility developers

by Andrew Case

Hello, We were writing to announce that the next public offering of Windows malware and memory forensics training by Volatility developers has been set for March 18-22rd in Chicago. Full details can be found here: http://volatility-labs.blogspot.com/2013/01/windows-malware-and-memory-fore… If you have any questions or comments then please contact me directly or use the information listed on the blog post. Thanks, Andrew (@attrc)

11 years, 10 months

DalvikVM support for Volatility

by Holger Macht

Hi, I've uploaded a tarball [1] containing a number of Volatility plugins which provide support for the DalvikVM and Android. I didn't provide a patch set, because there are only new files included. However, I can do so or can open an issue, whatever would be most convenient. The plugins are named: - dalvik_find_gdvm_offset - dalvik_vms - dalvik_loaded_classes - dalvik_class_information - dalvik_find_class_instance - dalvik_app_mirrored Any comments would be appreciated. This is part of a research project I need to have finished by the end of the year, so if someone suggests fundamental changes, I most likely won't have the immediate time to look at it. Just wanted to provide my code, because obviously there is some interest (cf. vol-users@). Ideally, I could get a branch in SVN to get this integrated into upcoming Volatility releases. I've attached a README.dalvik which gives some meta information about the plugins and could become a corresponding wiki article. Thanks to Joe Sylve and Andrew Case for providing me with some initial guidelines. Regards, Holger [1] http://www.homac.de/files/Volatility-Dalvik-support-v1.tar.bz2

11 years, 10 months

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

Vol-dev January 2013