Matthieu Suiche's blog » Blog Archive » Enter Sandman – Japan Pacsec 2007

Enter Sandman – Japan Pacsec 2007

Matthieu Suiche On December - 6 - 2007

For people who wasn’t (or was :)) at PacSec the last week. Slides of Sandman lecture can be found in Japanese[PPT] or in English (updated – last version) [PDF].

[JP] http://www.msuiche.net/pres/psj07ruffsuiche-jp.pdf
[EN] http://www.msuiche.net/pres/PacSec07-slides-0.4.pdf

An overview of hibernation file format is explained and the forensics library we called Sandman is introduced.

Sandman status is reachable here :
http://sandman.msuiche.net/

4 Responses so far.

H. Carvey says:

January 25, 2008 at 2:10 pm

I’ll be very interested to see how this develops, particularly into something that can be used for forensic analysis…

Thanks!

Harlan
Matthieu Suiche says:

January 25, 2008 at 2:23 pm

You can see the progress of Sandman here:

http://sandman.msuiche.net/
zorg says:

February 15, 2008 at 12:23 am

lol du geek au bureaucrate. :)
ca paye decidement de se chier sa scolarité :D
Matthieu Suiche says:

February 15, 2008 at 2:18 pm

A chacun ses finalités.

Twitter Updates

New commands in WinDbg 6.2.8102.0 http://t.co/Q91NXKLF # 2011/10/02

RT @joshuamsmith_: MoonSols DumpIt released free of charge. (dd for windows, great for forensics) very cool, thx to @MoonSols http://t.c ... # 2011/08/13

"Interesting Malware Trick" using MoonSols DumpIt http://t.co/ljlGpQJ # 2011/08/13

Remember 5-days private training are also available if you want to learn more. See http://bit.ly/l4RAxc for more information. #BlackHat # 2011/08/01

Second round of training about Advanced Physical Memory Acquisition and Analysis starting today ! #BlackHat #LasVegas # 2011/08/01

Featured Video

Sponsors