
All Questions

1 vote
1 answer
2k views

How to extract an RSA private key from an ssh-agent core dump

I need to extract an RSA private key from an ssh-agent core dump running on Ubuntu 20.04. I believe the ssh version is the latest. I have tried many Linux tools with no luck. I also wrote a Python ...
Wesley Jones
1 vote
0 answers
299 views

Passively read key from process memory without invoking kernel (Windows 10)

I have a process that loads into memory like any other process. It contains a special key. Our goal is to read this key inside memory... or while it is in transit across the data bus from the CPU. The ...
Hercslure
1 vote
0 answers
196 views

Volatility Plug-ins to investigate packed exe files

I am using Volatility for malware analysis. I have got a process in my memory image that is packed by malware using the UPX packer. The Malfind plugin doesn't show injected code for it either. How can I use ...
ayesha
  • 11
1 vote
1 answer
498 views

Starting off with Malware Analysis

I am starting off with malware reversing/analysis for the first time. I have been going through many resources on the internet. Some of them being pretty awesome and helpful, like SANS resources, ...
qre0ct
  • 1,522
3 votes
3 answers
366 views

Decrypt SSL Connections established by a Host I have administrative privileges on

I want to decrypt an SSL connection that is established by an unknown binary file on a Windows 7 computer. This binary doesn't exist on any other computer on our network and establishes SSL encrypted ...
davidb
  • 4,343