Hello All,
We are writing to announce the first annual Volatility framework
plugin writing contest:
http://volatility-labs.blogspot.com/2013/01/the-1st-annual-volatility-frame…
This contest is modeled after the well-known Hex-Rays plugin contest,
and we hope to attract the same level of high-quality submissions as
seen in the IDA contests.
To the winners we offer a variety of cash prizes, recognition, and a
chance to speak at our yearly conference.
If you have any questions or comments please contact me directly or
use the contact information listed in the blog post.
Thanks,
Andrew

Hello,
We are writing to announce that the next public offering of Windows
malware and memory forensics training by Volatility developers has
been set for March 18-22nd in Chicago.
Full details can be found here:
http://volatility-labs.blogspot.com/2013/01/windows-malware-and-memory-fore…
If you have any questions or comments then please contact me directly
or use the information listed on the blog post.
Thanks,
Andrew (@attrc)

Hi,
I've uploaded a tarball [1] containing a number of Volatility plugins which
provide support for the DalvikVM and Android. I didn't provide a
patch set, because there are only new files included. However, I can do
so or can open an issue, whatever would be most convenient.
The plugins are named:
- dalvik_find_gdvm_offset
- dalvik_vms
- dalvik_loaded_classes
- dalvik_class_information
- dalvik_find_class_instance
- dalvik_app_mirrored
Any comments would be appreciated. This is part of a research project I
need to have finished by the end of the year, so if someone suggests
fundamental changes, I most likely won't have the immediate time to look
at it. Just wanted to provide my code, because obviously there is some
interest (cf. vol-users@).
Ideally, I could get a branch in SVN to get this integrated into
upcoming Volatility releases.
I've attached a README.dalvik which gives some meta information about
the plugins and could become a corresponding wiki article.
Thanks to Joe Sylve and Andrew Case for providing me with some initial
guidelines.
Regards,
Holger
[1] http://www.homac.de/files/Volatility-Dalvik-support-v1.tar.bz2