Login or register
SecDocs RSS feed

Paper details

Title Advanced Mac OS X Physical Memory Analysis
Type Paper
Tags forensic Mac OS X
Abstract In 2008 and 2009, companies and governments interests for Microsoft Windows physical memory growled significantly. Now it is time to talk about Mac OS X. This talk will describe basis of Mac OS X Kernel Internals (and not a XNU kernel creation timeline) and how to retrieve various information like machine information, mounted file systems, processes listing and extraction and threads, kernel extensions listing and extraction and Rootkit detection.
Authors Matthieu Suiche
Submitted May 24, 2010
Rating
Currently 0/5 stars (0 votes).
Correlation
Linked to
Event Black Hat DC 2010
Resource ---
Download
Source Blackhat-DC-2010-Advanced-Mac-OS-X-Physical-Memory-Analysis-wp.pdf
Size 945.3 KB
MD5 a3773cc91edcaa8ae21173691f027139
SHA1 9f68c04b50d6addbafd0397adc11d6f5f0046e0f

Comments
No comments.
Add new Only logged in users can comment.


Click here to lend your support to: SecDocs and make a donation at www.pledgie.com !

Top top


Follow us via RSS RSS feed, on twitter Twitter feed or on facebook Facebook page

© 2007-2012 Alessandro `jekil` Tanasi
Serving 5382 documents and 335.4 GB of hacking knowledge, indexed from 1674 authors in 104 security conferences.
To report bugs or suggest features write .