New Blog Post: Memory Forensics R&D Illustrated: Recovering Raw Sockets on Windows 10+
by Andrew Case
We just published a new blog post that details our effort to recover
raw sockets on Windows 10+ systems.
This included reversing of the Windows network stack, verification of
recovery across all operating system versions, and creation of a new
Volatility 3 plugin that automates the recovery.
https://volatility-labs.blogspot.com/2023/08/memory-forensics-r-d-illustrat…
We hope that you enjoy it!
-- The Volatility Team
1 year, 2 months
- 1
- 0