Recovering TeamViewer (and other) Credentials from RAM with EditBox
I recently stumbled upon the TeamViewer-dumper-in-CPP project, which shows just how easy it is to recover TeamViewer IDs, passwords, and account information from a running TV instance by enumerating...
View ArticleVolatility Updates Summer 2015
Summer 2015 has been quite a busy time for the memory forensics community. We wanted to write a quick update to talk about some recent events and research as well as upcoming news. Conferences Black...
View ArticleResults from the 2015 Volatility Plugin Contest are in!
The competition this year was fierce! We received 12 plugins to the contest. Similar to last year, ranking the submissions was one of the hardest things we’ve had to do. Each plugin is unique in its...
View ArticlePlugX: Memory Forensics Lifecycle with Volatility
At OSDFCon last week, we discussed a case study showing how we identified manipulated memory artifacts in an infected environment. We were then able to rapidly introduce new capabilities to Volatility...
View ArticleGuest Post: Martin Korman (VolatilityBot - An Automated Malicious Code Dumper)
This is a guest post from Martin Korman, author of VolatilityBot. Lately, I've found myself manually unpacking different versions of the same malware in order to perform static analysis with IDA and...
View ArticleThe 2016 Volatility Plugin Contest is now live!
This is a quick update to announce that the 2016 Volatility Plugin contest is now live and accepting submissions until October 1st. Winners of this year's contest will be receiving over $2,000 in cash...
View ArticleAirbnb Donates $999 to the 2016 Volatility Plugin Contest!
Thank you to Airbnb for donating $999 to the 2016 Volatility Plugin Contest and their continued support for open source memory forensics development. When we announced the contest a couple days ago,...
View ArticleWindows Malware and Memory Forensics Training coming to NYC, Amsterdam, and...
We're excited to announce the dates and locations for three new public offerings of Windows Malware and Memory Forensics Training by The Volatility Project. The following courses are now open for...
View ArticleMemory Forensics Across the Enterprise - *Beta*
I would like to let you know about a *Beta* course opportunity that I’m hosting this summer. The Beta course, Memory Forensics Across the Enterprise - Beta, is offered at a discounted rate exclusively...
View ArticleAutomating Detection of Known Malware through Memory Forensics
In this blog post, we will cover how to automate the detection of previously identified malware through the use of three Volatility plugins along with ClamAV. Although this walk-through primarily...
View ArticleMalware and Memory Forensics 2017 Schedule (Now with Linux, Mac, and Surge...
Our most popular training course just got even better! We're happy to announce the curriculum for Malware and Memory Forensics by The Volatility Project now includes the following: Linux and Mac OS X...
View ArticleResults from the 2016 Volatility Plugin Contest are in!
Congratulations to all the participants! This year we received more submissions than ever before (21 to be exact, from 16 different authors), so judging took longer than we expected. Sorry about that!...
View ArticleThe Release of Volatility 2.6
This release improves support for Windows 10 and adds support for Windows Server 2016, Mac OS Sierra 10.12, and Linux with KASLR kernels. A lot of bug fixes went into this release as well as...
View ArticleThe (5th Annual) 2017 Volatility Plugin Contest is Live!
Its that time again, folks! The 2017 Volatility Plugin contest is now live and accepting submissions until October 1st, 2017. Winners of this year's contest will be receiving over $2,250 in cash prizes...
View ArticleOur Newly Updated Memory Forensics and Malware Analysis Course is Headed to...
As we head into summer, we wanted to let everyone know that for 2017 we only have two remaining public offerings of our highly popular and newly updated Malware and Memory Forensics training course. If...
View ArticleResults from the (5th Annual) 2017 Volatility Plugin Contest are in!
Congratulations to all the participants! This year's contest resulted in a ton of new and exciting functionality available to law enforcement agents, DF/IR practitioners, malware analysts, and...
View ArticleMalware and Memory Forensics Training Headed to Herndon and Amsterdam!
After another highly successfully year of our Malware and Memory Forensics training, which included sold-out public trainings in Herndon, VA and London as well as several private trainings, we are...
View ArticleThe 6th Annual Volatility Plugin Contest and the Inaugural Volatility...
We are excited to announce that the 2018 Volatility Plugin Contest and the 2018 Volatility Analysis Contest are now accepting submissions until October 1, 2018. Winners of each contest will be...
View ArticleResults from the 2018 Volatility Contests are in!
Let’s begin by thanking all of the participants in this year’s contests! This year we hosted the 6th Annual Volatility Plugin Contest, and we introduced the Inaugural Analysis Contest. We were...
View Article
