DFIR Training (archived Apr 25, 2026)
RCA: RAM Capture and Analysis
https://www.iacis.com/training/ram-capture-analysis/
This course is designed for the law enforcement professional who needs to leverage volatile memory to find evidence that does not exist on disk. The class will progress just like an investigation. On Day 1, students will build a device that will be used to access a locked Windows system. Students will learn additional skills to bypass login screens on Windows and Linux systems using older and newer open-source techniques. The course will introduce how the kernel and address translation work. Additional sources of memory, such as page, hibernation, and dump files, are discussed. Students will then spend Day 2 learning different techniques to capture RAM on Windows, Mac, and Linux systems, along with advanced topics such as RAM on virtual machines and capturing RAM over a network. On Day 3, the students will compare commercial and open-source tools to analyze memory. Upon completion of the course, the students will be comfortable using command-line tools for RAM analysis, even if this is their first time in a terminal. Day 4 will focus on password cracking. Students will learn techniques to use open-source tools to find the passwords for encrypted containers. On Day 5, the students will learn additional techniques to break into encrypted partitions.
Event Information
Event Date: Apr 28, 2025
Event End Date: May 2, 2025
Location: USA: Florida