Daniel Uroz
Daniel Uroz
Home
Publications
Posts
Contact
Light
Dark
Automatic
Volatility
On Challenges in Verifying Trusted Executable Files in Memory Forensics
We investigate the limitations that memory forensics imposed to the digital signature verification process of Windows PE signed files, obtained from a memory dump
Daniel Uroz
,
Ricardo J. Rodríguez
PDF
Cite
Code
Slides
DOI
Characteristics and Detectability of Windows Auto-Start Extensibility Points in Memory Forensics
We propose a taxonomy of the Windows ASEPs, considering the features that are used or abused by malware to achieve persistence.
Daniel Uroz
,
Ricardo J. Rodríguez
PDF
Cite
Code
Slides
DOI
Cite
×