Volatility를 이용한 memory forensics
11 likes3,879 views
This document lists the operating systems and service packs supported by Volatility, a digital forensics tool. It supports various versions of Windows, Linux, and Mac OS X. It also provides analysis capabilities like process analysis, network analysis, and disassembly of code. Additional steps are needed when using Ubuntu kernels to add library paths.
Volatility를 이용한 memory forensics
- 2. 2014-
- 3. 2014
- 4. 4
- 5. 5
- 6. 6
- 7. 2014
- 8. 8
- 9. 9
- 10. 10
- 11. 11
- 12. 12
- 13. 13
- 14. 14
- 15. 15
- 16. 2014
- 17. 17 <Source : Volatility Google code>
- 18. 18 Windows x86 Windows x64 Linux Mac OSX Windows XP Service Pack 2 and 3 Windows XP Service Pack 1 and 2 32-bit Linux kernels 2.6.11 to 3.5 32-bit 10.5.x Leopard Windows 2003 Server Service Pack 0, 1, 2 Windows 2003 Server Service Pack 1 and 2 64-bit Linux kernels 2.6.11 to 3.5 32-bit 10.6.x Snow Leopard Windows Vista Service Pack 0, 1, 2 Windows Vista Service Pack 0, 1, 2 OpenSuSE,CentOS 64-bit 10.6.x Snow Leopard Windows 2008 Server Service Pack 1, 2 Windows 2008 Server Service Pack 1 and 2 Ubuntu, Debian 32-bit 10.7.x Lion Windows 7 Service Pack 0, 1 Windows 2008 R2 Server Service Pack 0 and 1 Fedora, Mandriva 64-bit 10.7.x Lion Windows 7 Service Pack 0 and 1 64-bit 10.8.x Mountain Lion
- 19. 19
- 20. 20
- 21. 21
- 22. 22
- 23. 23 NOTE : Ubuntu Kernel에서는다음을추가실행이필요 # echo “/usr/local/lib” >> /etc/ld.so.conf # ldconfig
- 24. 24 운영체제 분석 Process 분석 Network 분석 DLL 및Thread 분석 String 분석 Registry 분석
- 25. 25
- 26. 26
- 27. 27
- 28. 2014
- 29. 29
- 30. 30
- 31. 31
- 32. 32
- 33. 33
- 34. 34
- 35. 35
- 36. 36
- 37. 37
- 38. 38
- 39. 39
- 40. 40
- 41. 41
- 42. 42
- 43. 43
- 44. 44
- 46. 46
- 47. 47
- 48. 48
- 49. 49
- 50. 50
- 51. 51
- 52. 2014
- 53. 53
- 54. 2014
- 55. 55
- 56. 56
- 57. 57