[转载]FATKit : Detecting Malicious Library Injection and Upping the “Anti”

信息来源：http://www.4tphi.net/fatkit/

In this white paper, we discuss how the Forensic Analysis ToolKit (FATKit) can facilitate the process of enumerating suspicious artifacts manifested as a result of remote library injection. We discuss a number of techniques that have proven effective at elucidating artifacts that are by-products of advanced exploitation methods frequently characterized as anti-forensic or stealthy.