Windows Process Internals: A few Concepts to know before jumping on Memory Forensics [Part 5] – A Journey in to the Undocumented Process Handle Structures (_handle_table & _handle_table_entry) In this series of articles of “Must know Process Internals for Memory Forensics”, we have traversed through ActiveProcessLinks (doubly-linked list) of EPROCESS....
Author
Latest Articles
- BlogSeptember 29, 2020Using the Google custom search engine for OSINT | By Maciej Makowski
- BlogSeptember 22, 2020Sysmon 12.0 — EventID 24 | By Olaf Hartong
- BlogSeptember 21, 2020Decrypting Databases Using RAM Dump – Health Data | By Michal Rozin
- BlogSeptember 18, 2020TikTok — Using OSINT to Discover New Leads | By Josh Richards
Subscribe
Login
0 Comments