For developers with various fields of interest and a matching atmosphere, MEC.conf is an opportunity to grow one’s network and get to know the latest in the world of development.
We are here to build a developer community that pervades all of engineering and the sciences. To that end, we provide a platform that enriches delegates with knowledge from experienced innovators and developers and offers a broader perspective on various engineering challenges that can be solved by applying the developer mentality.
Memory Forensics - A CTF Approach
This session gives a brief introduction to volatile memory analysis using the open source tool “Volatility”.
- Start playing CTFs, which is the best way to get into cyber security.
- Understand how memory forensics works and the fundamentals of memory dump analysis.
- Learn the fundamentals of using the tool Volatility and its various plugins.
- Interested people can also start contributing to this tool.
This session will start from the very fundamentals:
- The why, what and how of memory forensics.
- Introduction to Volatility and its plugins.
- Elaborate discussion on various important plugins and the evidence they provide.
- Live demo of solving a CTF challenge and an elaborate discussion on collected memory evidence.
The participants need to have the following installed on their computers:
- Ubuntu 16.04/18.04 LTS with Windows 7 64-bit in VirtualBox.
- Python 2.x & Python 3.x
- Volatility 2.6 (apt install). Visit this for more details.
- Ghex (apt install)
- DumpIt.exe installed in the Windows VM.
Allocate around 1 GB of RAM for the virtual machine and please enable VirtualBox Guest Additions so that data transfer between guest and host is possible.
Hi! I am Abhiram Kumar. I am a 3rd year UG student pursuing my B.Tech in CSE at Amrita University, Amritapuri. I am a member of Team bi0s, the CTF team from Amrita University. I have been focusing on Volatile Memory Analysis and Cyber Forensics for the last 3 years. I also have experience in conducting a workshop on Cyber Forensics at the VIDYUT Multi-Fest. I am also a member of the Core Organising team of InCTF & InCTF Junior.
I, along with a few members of my team, authored the DFRWS IoT Challenge 2018-19 paper and got selected in the Top 5 submissions: https://github.com/dfrws/dfrws2018-challenge/tree/master/challenge-submissions/bi0s-amritapuri
- Link to Twitter profile: https://twitter.com/_abhiramkumar
- Link to LinkedIn profile: https://linkedin.com/in/abhiram-kumar-90026214a/
- Link to technical blog: https://volatilevirus.home.blog/about/
- Link to GitHub profile: https://github.com/stuxnet999
- Link to the PPT of the workshop that I conducted as part of the VIDYUT Multi Fest 2019, Amrita Vishwa Vidyapeetham: https://tinyurl.com/yxsypv22