Practical Windows Forensics (PWF) - Memory Acquisition with VirtualBox
ฝัง
- เผยแพร่เมื่อ 1 ธ.ค. 2022
- We have a compromised Windows system in Virtualbox. This video demonstrates best practices on how to acquire the memory, using VirtualBox features, and use it for further forensic analysis.
This video is part of a free preview series of the Practical Windows Forensics (PWF) course created by @bluecapesec (www.bluecapesecurity.com)
Full course available at www.bluecapesecurity.com/courses
You can find the attack script on Github: github.com/bluecapesecurity/PWF
𝗙𝗼𝗹𝗹𝗼𝘄 𝘂𝘀:
Discord: / discord
Twitter: / bluecapesec
LinkedIn: / bluecapesecurity - วิทยาศาสตร์และเทคโนโลยี
Thanks for the video...
In real scenario we will not have VirtualBox• How to take memory image of VISTA on other environments?
That primarily depends on the infrastructure that it's running on. On-prem, virtual, cloud? The data acquisition part in this video will help you with some considerations and solutions on this: th-cam.com/video/y_yR5C0pWcs/w-d-xo.html