[How To] Volatility Memory Analysis Building Linux Kernel Profiles
Memory foreniscs in Linux is not very easy. The reason is because the Linux kernel changes data structures and debug symbols often. Users can also easily modify and compile their own custom kernels. If we want to analize Linux memory using Volatility, we have to find or create linux profiles for the version of Linux that we are trying to analize. Linux profile creation for Volatility is not that difficult. The documentation claims that Volatility will support profile sharing in the future, which should make Linux support much easier.
Korean National Security Includes Cybersecurity
Opinion originally posted by Korea Times as Letters to President Moon
When National Security Turns Against You
Opinion originally published by Korea Times
Ransomware and How to Protect Yourself
Originally Published in Korean at NewsTapa.org
Using Autopsy 4 to export file metadata
Autopsy 4 is a very powerful digital forensic investigation tool. Today, we are going to extract file and meta-data from a disk image (mobile phone) to use in external programs. We also briefly introduce Autopsy’s timeline feature.
Imaging Android with ADB, Root, Netcat and DD
Today we are going to acquire an android smartphone (Samsung Note II) using Android Debug Bridge (ADB), netcat and dd. The system I am using is Ubuntu linux. On the “forensic workstation” you will need ADB and netcat installed. I’m using the excellent instructions from here.