Advanced Memory Forensics & Threat Detection

Memory Forensics In-Depth provides the critical skills necessary for digital forensics examiners and incident responders to proficiently analyze captured memory images and live response audits. The course uses the most effective freeware and open-source tools in the industry today and provides an in-depth understanding of how these tools work. FOR526 is a critical course for any serious DFIR investigator who wants to tackle advanced forensics, trusted insider, and incident response cases.

Course syllabus:

  1. Foundations in Memory Analysis and Process Exploration

  2. Unstructured Analysis and Process Exploration

  3. Malicious Code Detection Methods

  4. Hibernation and Crash Dump File Analysis

  5. Defense Evasion and Rootkit Detection

  6. Memory Analysis Challenges