Paging All Windows Geeks – Finding Evil in Windows 10 Compressed Memory

Published by : Black Hat
This presentation focuses on the details of the memory compression implementation in Windows 10, and explores the undocumented structures and algorithms involved in the process. The information in this presentation will enable the community to support new Windows 10 builds in their forensic tools of choice.

By Omar Sardar and Dimiter Andonov

Full Abstract & Presentation Materials: https://www.blackhat.com/us-19/briefings/schedule/#paging-all-windows-geeks--finding-evil-in-windows--compressed-memory-15582
external link sitemap