Monday, October 18, 2010

Forensic Crash Dump Analysis

I attended and spoke at Mandiant's MIRCon last week. It was a really good conference, not even counting that it was free. I have uploaded my slides from my talk and they can be downloaded here:

Forensic Crash Dump Analysis

I probably skipped over a lot of the details and did not leave people enough time to write down all the good registry and WinDbg tidbits. I am looking forward to the conference next year. I am working on getting the MIR scripts and shell scripts released, and they will be posted on this blog when they are released.