Live analysis and its footprint
Written by Jamie Butler
Recently there was a conversation on Harlan’s Windows Incident Response blog which mentioned the footprint of Memoryze and other tools. Every tool has positives and negatives depending on the use case.
First, the blog entry mainly mentions the footprint on disk, which is larger than other acquisition tools because Memoryze does both acquisition and analysis in the same package. Read the rest
Tags: live analysis, live response, Matthieu Suiche, memory acquisition, Memory analysis, Memoryze, Windows Incident Response
. 14 Jan 09 | The Lab | Comments (0)
Integrate EnCase, Memoryze, and Audit Viewer with MemScript
Written by Kelcey Tietjen
Memoryze is a great tool for memory analysis, but what makes it even stronger is that it can be integrated with other tools to help with incident response. These other tools can be leveraged to bring Memoryze’s capabilities to remote hosts. If your organization has not deployed or piloted MANDIANT Intelligent Response (MIR), you can use Encase Enterprise Edition (EEE) to gain access to remote memory. Read the rest
Tags: Audit Viewer, Encase, Encase Enterprise, Enscript, Guidance Software, Memoryze
. 18 Dec 08 | The Armory | Comments (0)
Article on how to use Memoryze and Audit Viewer for malware analysis
Written by Peter Silberman
I know not everyone reads OpenRCE, but it has been a favorite haunt of mine since Pedram launched it. Over the holiday, I posted an article there about how to use Memoryze and Audit Viewer to do malware analysis since that has always been one of my hobbies. Read the rest
Tags: Audit Viewer, malware analysis, Memoryze, offensive computing, openrce
. 01 Dec 08 | The Lab | Comments (0)
New Audit Viewer for Memoryze
Written by Jamie Butler
If you are tired of trying to load Memoryze’s results into Internet Explorer
or into an Excel spreadsheet, check out the new viewer from Peter
Silberman. The Audit Viewer is written in Python and comes with
the BSD license because you know best how you want to view your data. Read the rest
Tags: Memory analysis, memory forensics, Memoryze, Memoryze GUI, open source
. 25 Nov 08 | The Lab | Comments (2)
Channels
Recent Posts
- Education and Information Sharing Top Priority at 2012 DoD Cyber Crime Conference
- Executive Breakfast Briefing with Former DHS Secretary Michael Chertoff
- Vulnerability and Exploit Terminology Webinar
- Creating an IOC to Spot the Duqu Family
- Using Redline & OpenIOC to Build Effective Indicators
Follow us on Twitter
- Mandiant: RT @cbentle2: @OpenIOC Updated #IOC posted https://t.co/Y2PGTuqE #dfir
- Mandiant: M's Michael Sikorski wrote a book, "Practical Malware Analysis" & will be hosting a webinar to discuss it! 2/29 2PM ET http://t.co/fd7Bf8Vj
- Mandiant: @_saadk Thanks for the #FF!