November 2023
Beginner to intermediate
352 pages
5h 8m
Japanese
Content preview from 実践 メモリフォレンジック ―揮発性メモリの効果的なフォレンジック分析
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.
10章macOSでのメモリの取得
最後の部は、macOSのシステムのメモリ調査という、重要な話題について解説します。国際的なデスクトップOS市場では、macOSは2番目のシェアを誇ります。Apple社のデバイスは、元々は個人向けのデバイスとされていたにもかかわらず、仕事用に採用するユーザが年々増えています。近年、macOSの用途は広がっており、企業全体で採用され始めています(ただし、本書の執筆時点では、このような利用方法は米国でより一般的です)。2021年の時点では、米国企業でのMacintoshの採用率は23%に達しています(https://www.computerworld.com/article/3604601/macs-reach-23-share-in-us-enterprises-idc-confirms.html)。
個人や企業による利用者の増加により、攻撃対象としてのmacOSへの注目度が高まっています。macOSに対する攻撃の被害は、この数年間で確実に増えています。macOSへの攻撃に特化した新たなツールが登場し、macOSの調査手法やツールを充実させる時期に来ていると言えるでしょう。しかし、データを解析できるようになる前に、データの収集方法を知る必要があります。よってこれまでと同様に、macOSのメモリ取得技術の概要から説明します。
この章の内容:
- macOSでのメモリ取得の課題
- macOSでのメモリ取得の準備
- osxpmemによるメモリ取得
- Volatility Frameworkのプロファイル作成
10.1 macOSでのメモリ取得の課題
これまでの章では、メモリを抽出するためのハードウェア的手法とソフトウェア的手法について解説しました。
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Read now
Unlock full access
More than 5,000 organizations count on O’Reilly
O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.Julian F.
I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.Addison B.
I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.Amir M.
I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.