MemProcFS - This Changes Everything
Imagine being able to "mount" memory as if it were a disk image. With a single command, MemProcFS will create a virtual file system representing the processes, file handles, registry, $MFT, and more. The tool can be executed against a memory dump, or run against memory on a live system. This is a game changer for memory forensics! ** If you enjoy this video, please consider supporting 13Cubed on Patreon at patreon.com/13cubed. ** 📖 Chapters 00:00 - Intro 01:42 - Installation 02:41 - Demo 🛠 Resources MemProcFS: The Memory Process File System: https://github.com/ufrisk/MemProcFS #Forensics #DigitalForensics #DFIR #ComputerForensics #WindowsForensics #MemoryForensics
▶︎
Introduction to Windows Forensics
▶︎
A File's Life - File Deletion and Recovery
▶︎
Memory Forensics with Volatility | HackerSploit Blue Team Series
▶︎
Ulf Frisk - Memory Forensics and DMA Attacks with MemProcFS and PCILeech
▶︎
Email Header Analysis and Forensic Investigation
▶︎
Prefetch Deep Dive
▶︎
Windows MACB Timestamps (NTFS Forensics)
▶︎
Investigating Malware Using Memory Forensics - A Practical Approach
▶︎
Let's Talk About Shimcache - The Most Misunderstood Artifact
▶︎
Introduction to Memory Forensics with Volatility 3
▶︎
Windows SRUM Forensics
▶︎
Introduction to Memory Forensics
▶︎
Guide: What to do AFTER building your computer...
▶︎
Linux Backup Strategies | Exploring the rsync Command
![Mini Hackathon - Build a Power App! [Full Course]](https://i.ytimg.com/vi/Gx7xL8w2AnY/hqdefault.jpg?sqp=-oaymwEjCNACELwBSFryq4qpAxUIARUAAAAAGAElAADIQj0AgKJDeAE=&rs=AOn4CLDg-4z-P6ph4ZXx54pdOkTeAq53JA)
▶︎
Mini Hackathon - Build a Power App! [Full Course]
▶︎
13 DOS commands you NEVER knew you NEEDED!
▶︎
Linux Full Course for Beginners | Learn Linux System Administration
▶︎
#SatudayHackerday: Memory Forensics (Cyberdefenders) with Volatility and MemProcFS
▶︎
Secure Boot Certificate Expiry (Windows & Linux)
▶︎