[Dailydave] Three new videos showing off Volatility 2.4 features

Andrew Case atcuno at gmail.com
Wed Sep 10 11:52:55 EDT 2014

We (the Volatility team) have published three videos showing off new
features in the recently released Volatility 2.4 version. These videos
were originally shown at Black Hat Arsenal this past summer.

The first video shows how to locate and extract rootkit components from
process and kernel memory and then gather context for IDA:


The second shows how to uncover a number of artifacts of OS X user activity:


The last shows how to defeat True Crypt no matter how the user
configures the volumes or settings:


If you have any questions or comments then please let us know.

Andrew (@attrc)

More information about the Dailydave mailing list