Profice is the official iLearn partner of EC-Council and a partner of Dgroove (official EC-Council partner) for live courses.
About This Course
In this Malware & Memory Forensics workshop, you will learn details of how malware
functions, and how it is categorized. Then you will be shown details of the structure
of memory, and how memory works. There is plenty of hands-on memory forensics.
You will learn how to analyse memory to find evidence of malware.
Course Syllabus
a. Swap space analysis
b. Memory Analysis
c. Data acquisition as per RFC 3227
a. Current processes
b. Memory mapped files
c. Caches
d. Open Ports
a. Data structures
b. Windows Objects
c. Processes
d. Handles
e. Pool-tag scanning
f. %SystemDrive%/hiberfil.sys
g. Page/Swap File
a. Using volatility
b. Dumpit.exe
c. hibr2bin
d. Win32dd
e. Win64dd
f. OSForensics
Course Packages
iLearn(Self-paced e-learning) course
All You Need to Know
This training is useful for any forensic investigator but is particularly interesting to those trying to trace data leaks, financial crimes, and cyber-related crimes. This workshop includes hands-on labs.
- One year access to training videos from master trainer
- Six months access to ilabs
Official Training Partner
Why Choose Profice?
Official Partner
Authorized Training Partner delivering official certified curriculum
Expert Instructors
Certified professionals with 10+ years of real-world experience
Hands-on Labs
Real-world projects and 24/7 lab environment access
95% Pass Rate
Industry-leading certification exam success rate
Lifetime Support
Ongoing mentorship and community access after course completion
Job Assistance
Dedicated placement support with 500+ hiring partners
Official Training Partner
Profice is an official training partner delivering globally recognized certifications.