Andrew Case [Speaker-Timeline] [Speaker-Links]

Tell us about missing data
Title Conference Tags
DroidScraper: A Tool for Android In-Memory Object Recovery and Reconstruction RAID2019-2019 - Beijing, China
Windows 10 DFIR Challenges BSidesLasVegas-2019 - Las Vegas, USA
HookTracer: A System for Automated and Accessible API Hooks Analysis DFRWSUSA-2019 - Portland, USA
Taste the Rainbow: Windows 10 Challenges for Red, Blue, and Purple Teams BSidesAustin-2019 - Austin, USA
Memory Forensics and the Windows Subsystem for Linux DFRWSUSA-2018 - Rhode Island, USA
Gaslight: A Comprehensive Fuzzing Architecture for Memory Forensics Frameworks Paper DFRWS-2017 - austin,usa
A6 Hunting Advanced Adversaries with Memory Analytics ThreatIntelligence-2016 - new orleans,usa
Leveraging Proactive Defense to Defeat Modern Adversaries TakedownCon-2015 - Huntsville,USA
Advancing Mac OS X Rootkit Detection DFRWS-2015 - Philadelphia,USA
Unmasking Careto through Memory Analysis SecTor-2014 - toronto,canada
In Lieu of Swap: Analyzing Compressed RAM in Mac OS X and Linux DFRWS-2014 - denver,usa
Leveraging Memory Forensics during DFIR BSidesNola-2014 - New Orleans,USA
Hunting Mac Malware with Memory Forensics RSACon-2014 - San Francisco, USA
Leveraging Memory Forensics during DFIR BSidesNola-2013 - New Orleans,USA Security
Leveraging Memory Forensics During Incident Response and Malware Analysis BSidesBoston-2013 - Boston,USA
Why memory analysis should be part of your forensics and IR process BSidesJackson-2012 - Jackson,USA Security
Investigating Coordinated Data Exfiltration Security B-Sides DFW-2011 - Dallas, USA Security
Investigating Coordinated Data Exfiltration BsidesDFW-2011 - Texas,USA
WORKSHOP - Investigating Live CDs using Volatility and Physical Memory Analysis BlackhatUSA-2011 - Las Vegas,USA
De-Anonymizing Live CDs through Physical Memory Analysis BlackHatDC-2011 - Washington,USA