Joshua James has published a video-tutorial on how to build Linux kernel profiles for memory forensics with Volatility. He notes that Linux kernel changes data structures and debug symbols often, so it’s very important for a digital forensics examiner to be able to create Linux profiles for the version of Linux that he or she is trying to analyze.

Load More Related Articles
Load More In How To

Leave a Reply

Your email address will not be published. Required fields are marked *