MEC.conf

The Developer Conference

Accepting submissions till 28 Jul 2019, 11:00 PM

Kerala Technology Innovation Zone, Kochi

For developers with various fields of interest, MEC.conf offers a matching atmosphere and an opportunity to grow one’s network and get to know the latest in the world of development.

We are here to build a developer community that pervades all of engineering and the sciences. To that end, we are providing a platform to enrich delegates with knowledge from experienced innovators and developers, and to provide a broader perspective on various engineering challenges that can be solved by applying the developer mentality.

Abhiram Kumar

@abhiramkumar

Memory Forensics - A CTF Approach

Submitted Jun 28, 2019

This session gives a brief introduction to volatile memory analysis using the open source tool “Volatility”.
Key takeaways:

  • Start playing CTFs, which is the best way to get into cyber security.
  • Understanding how memory forensics works & the fundamentals of memory dump analysis.
  • Learning the fundamentals of using the tool Volatility and its various plugins.
  • Interested people can also start contributing to this tool.

Outline

This session will start from the very fundamentals:

  • Why, What and How of Memory Forensics.
  • Introduction to Volatility & its plugins.
  • Elaborate discussion on various important plugins and the evidence they provide.
  • Live Demo of solving a CTF challenge and an elaborate discussion on collected memory evidence.

Requirements

The participants need to have the following installed on their computers:

  • Ubuntu 16.04/18.04 LTS with Windows 7 64-bit in VirtualBox.
  • Python 2.x & Python 3.x
  • Volatility 2.6 (APT Install). Visit this for more details.
  • Ghex (apt install)
  • DumpIt.exe installed in Windows VM.

Allocate around 1 GB of RAM for the virtual machine and please enable VirtualBox Guest Additions so that data transfer between Guest & Host is possible.

Speaker bio

Hi! I am Abhiram Kumar. I am a 3rd year UG student pursuing my B.Tech in CSE at Amrita University, Amritapuri. I am a member of Team bi0s, the CTF team from Amrita University. I have been focusing on Volatile Memory Analysis and Cyber Forensics for the last 3 years. I also have experience in conducting a workshop on Cyber Forensics at the VIDYUT Multi-Fest. I am also a member of the Core Organising team of InCTF & InCTF Junior.
I, along with a few members of my team, authored the DFRWS IoT Challenge 2018-19 paper and got selected in the Top 5 submissions: https://github.com/dfrws/dfrws2018-challenge/tree/master/challenge-submissions/bi0s-amritapuri
