[Vol-users] http://blog.handlerdiaries.com/?p=363

Stefan Kelm skelm at bfk.de
Fri Jan 31 08:41:15 CST 2014


Jack,

> I case anyone is interested I wrote a blog post of the memory analysis I
> did on Jake Williams ADD tool he presented at Shmoocon.  It can be found
> here http://blog.handlerdiaries.com/?p=363

Thanks for sharing. Awesome write-up! The volatility fu aside I'm
glad to see that I'm not the only one extracting (ASCII and UNICODE)
strings at the very beginning of almost every investigation...  ;)

Cheers,

	Stefan.

-- 
Stefan Kelm                   <skelm at bfk.de>
BFK edv-consulting GmbH       http://www.bfk.de/
Kriegsstrasse 100             Tel: +49-721-96201-1
D-76133 Karlsruhe             Fax: +49-721-96201-99


More information about the Vol-users mailing list