Automating Detection of Known Malware through Memory Forensics

In this blog post, we will cover how to automate the detection of previously identified malware through the use of three Volatility plugins along with ClamAV. Although this walk-through primarily focuses on Windows memory samples, at the end we explain how to port the approach to Linux and OS X samples.

Although it would make our jobs quite interesting if every investigation