Hello guys,
I would like to ask you some questions about the plugin contest.
First of all, if I decide to submit my new plugin to the contest, do I have
to keep it private until the notification (August)?
Second point, is it possible to post here some screencasts to get some
feedback and then submit my cool plugin to the contest?
I'm a PhD student so I would like to make my work public once I have
submitted the paper.
Regards,
/emdel
We are pleased to announce the next public Volatility training
opportunity: the Windows Malware and Memory Forensics Training by The
Volatility Project. This course will take place in Reston, VA from
Monday, June 10th through Friday, June 14th 2013. For details, please
see our blog:
http://volatility-labs.blogspot.com/2013/03/official-training-by-volatility…
or email us at: voltraining(a)memoryanalysis.net
All the best,
-gleeda
--
PGP Fingerprint: 2E87 17A1 EC10 1E3E 11D3 64C2 196B 2AB5 27A4 AC92
Hi all,
We (Alex Joss and Dario Schwab) worked on a set of Volatility plugins for a
generic and automated analysis of Android apps that we would like to share
with you. This work resulted from our bachelor thesis at Security
Engineering Lab of Bern University of Applied Sciences in Switzerland. For
now, this is just a proof of concept and it will be developed further in
the future.
Our approach is based on the dalvik-plugins from Holger Macht, published to
this mailing list on 2012-10-16.
Our plugins are the following:
- android_find_class_instances (scans the heap of the app)
- android_app_generic (analyses the contents of the found objects)
There are a few more files which have to be added or modified. Under the
following link you will find the complete Volatility 2.3-alpha framework
with our plugins and modifications already integrated:
https://dl.dropbox.com/u/12931232/volatility-2.3-devel-android.zip
Unfortunately we can't provide a patch set, because our work's based on
Volatility 2.3-alpha, which can't be downloaded anymore as reference. Maybe
someone could do this for us.
The Plugins, their usage and each needed modification of existing files are
explained in the attached README file.
Please let us know if you need help to get things running or if you have
any suggestions.
Regards Alex and Dario
Hello everyone,
You've seen me around for the past two weeks, and I thought I might
introduce myself.
My name's Edwin and I've just started working on my master's thesis
(University of Twente, The Netherlands) and internship. I'm doing
research into user space memory forensics, and at this moment
volatility seems like the best tool to use for my research.
Last week I wrote a small plugin to get familiar with the framework,
it's available at [1]. I'll leave it up to you if it is useful enough
to include in volatility.
Currently I'm finalizing the approach to my research. Is it ok to use
this list (or vol-users) if I have any ideas or questions related to
my research that I need to bounce off of somebody?
If it isn't taking too much time away from my thesis, I also plan to
enter my research into the contest[2]. I hope that asking questions
here still makes me eligible :)
Cheers,
Edwin
[1] https://gist.github.com/Dutchy-/348cf96f56ea35e2b893
[2] http://volatility-labs.blogspot.nl/2013/01/the-1st-annual-volatility-framew…
Hello Volatility Devs,
I'm currently a student in a Digital Forensics class. We have used your
wonderful tool to do memory dumps. We now have a project to contribute to
an open source project. I was wondering if there was anything that I could
contribute to the Volatility project. My strong point isn't in programming,
but I have had an introduction to it. I don't know if there's any
documentation you'd like to have updated, or whatever. I look forward to a
response.
Warm Regards,
*Joel Anderson*
Brigham Young University - April 2014
Masters of Information Systems Management
(208) 570-7253