Memory Forensics with Hyper-V Virtual Machines

With the increased demand for memory forensics and more people using Windows Hyper-V as a hypervisor it's critical the DFIR community follows the proper triage process. Much like ESXi stores a .vmss file for each virtual machines memory Hyper-V stores them in a .bin and .vsv file, however currently it's not as simple to preform memory analysis on these files.

Provided by: SecurityTube.net Topic: Software Date Added: Oct 2014 Format: Webcast

Find By Topic