Author Topic: Hidden DLLs  (Read 6029 times)

November 04, 2008, 01:49:10 pm

SysAdMini

Ruining the bad guy's day

November 05, 2008, 06:18:25 am
Reply #1

pnuemo

That's a good read. Thanks for sharing.

November 13, 2008, 06:13:03 pm
Reply #2

SysAdMini


January 07, 2009, 06:56:23 pm
Reply #3

SysAdMini

Malfind Volatility Plug-In
http://mnin.blogspot.com/2009/01/malfind-volatility-plug-in.html

Quote
Malfind.py is a Volatility plug-in to find and extract hidden and/or injected code from physical memory dumps. It basically streamlines the multiple steps described in the two previous posts (Recovering CoreFlood Binaries with Volatility and Locating Hidden Clampi DLLs VAD-Style).