[Vol-users] 29c3 defeating windows memory forensics
George M. Garner Jr.
ggarner_online at gmgsystemsinc.com
Tue Jan 8 08:44:34 CST 2013
On 1/8/2013 7:57 AM, Michael Cohen wrote:
> The real challenge for Dementia the way I see it is to be able to
> identify the DFIR tool in order to interfere with it.
See the section entitled "Parsing Certificates" in Peter Kleissner,
"Creating an anti-AV scanner...and blocking AV's,"
More information about the Vol-users