This class was created by Brainscape user Alex Moorman.

Decks in this class (17)

Memory Architecture
Computer buses 1,
Memory management unit mmu 2,
Translation lookaside buffer tlu 3
34  cards
Windows Executable Objects
Fileobject 1,
_eprocess 2,
Objectsymbolic_link 3
11  cards
Object Headers
Pointercount 1,
Handlecount 2,
Typeindex 3
11  cards
Pools
Kernel pool 1,
Pooltype 2,
Obcreateobject 3
9  cards
_EPROCESS Contents
Pcb 1,
Createtime 2,
Exittime 3
13  cards
Critical System Processes
Idle 1,
System 2,
Csrssexe 3
9  cards
Volatility Commands Related to Processes
Pslist 1,
Pstree 2,
Scans for _eprocess objects inste...
4  cards
Alternate Process Listings
Process object scanning 1,
Thread scanning 2,
Csrss handle table 3
6  cards
Analyzing Privileges
Sebackupprivilege 1,
Sedebugprivilege 2,
Seloaddriverprivilege 3
15  cards
Address Space Layout
Dynamic linked libraries dlls 1,
Environmental variables 2,
Process environment block peb 3
7  cards
Enumerating Process Memory Tools
Virtual address descriptors vads 1,
Working set list 2,
Pfn database 3
6  cards
Permissions
Page_execute 1,
Page executeread 2,
Page executereadwrite 3
9  cards
Key Points for _PEB
_peb beingdebugged 1,
_peb imagebaseaddress 2,
_peb ldr 3
9  cards
Key Points for _RTL_PROCESS_PARAMETERS:
Rtlprocess_parameters 1,
Rtlprocess_parameters standardout...,
Rtlprocess_parameters standarderr...
7  cards
_PEB_LDR_DATA and _LDR_DATA_TABLE_ENTRY
Pebldr_data 1,
Pebldr_data inloadordermodulelist 2,
Pebldr_data inmemoryordermoduleli...
10  cards
Standard Handles & Suspicious DLLs
Ws2_32dll 1,
Crypt32dll 2,
Hnetcfgdll 3
13  cards
Volatility Plugins
Pslist 1,
Pstree 2,
Psscan 3
4  cards

More about
Forensics

  • Class purpose General learning
