Tag Archives: PoC

Windows Memory Forensics

Let’s begin with an image: Yep. That’s an icon. In an executable. In a process address space. In a raw memory dump. And here is the video demonstration: This is just a proof-of-concept. We still haven’t decided whether to develop … Continue reading

Posted in Demo, Forensics, Profiler | Tagged , | 3 Comments