New Blog Release: Do You Remember this Packet?

17 Feb 2016

Today Adam Bridge, Senior Intrusion Analyst at Context, has released a new blog. With plans to enter the Volatility Plugin Contest 2015 Adam wanted to write a plug-in that was able to retrieve the DNS cache from a Windows memory sample, but ended up stumbling across something more interesting, namely, the incoming and outgoing packet buffer for the NIC.

Adam discusses the steps he took, the challenges he faced, how he came across the packet buffer for the NIC and the plug-in he ultimately wrote that could provide some useful information or intelligence pertinent to an Incident Response investigation.

To read the blog in full, pleaseclick here

Subscribe for more News like this

CREST
CREST STAR
CHECK IT Health Check Service
CBEST
Cyber Essentials
CESG Certified Service
First - Improving Security Together
BSI ISO 9001 FS 581360
BSI ISO 27001 IS 553326
PCI - Approved Scanning Vendor
NCSC CCSC - Assured Service Provider