Monthly Archives: July 2017

Rekall memory analysis framework for Windows, Linux, and Mac OSX

Rekall is one of the most complete memory analysis frameworks available. It gives incident responders and forensic analysts an end-to-end solution, from state-of-the-art acquisition tools to an advanced open source memory analysis framework. Rekall is cross-platform, supporting Windows, Mac OSX, and Linux, and each operating system has its own Rekall-provided memory acquisition tool, called pmem.


Creating macOS VM on VMware Fusion

I had no idea that Mac OSX users had the ability to create Mac OSX VMs with VMware Fusion. Say that last part five times fast lol. I am going to walk you through the process of creating a macOS (Sierra) VM on my laptop. I would like to give original credit to VMware, but I want to share this with my readers. The ability to create Mac OSX VMs allows me to analyze Mac OSX malware in a safe environment, whoop whoop.
