Unsorted list of publications and coding projects

Slides and especially the Proof of Concept implementation "Houdini", released at BlackHat USA 2020:

Hiding Process Memory via Anti-Forensic Techniques

Links to the paper, presentation and all material to reproduce the results for the research presented at DFRWS USA 2020:

Hiding Process Memory via Anti-Forensic Techniques

All material related to the BlackHat EU 2019 talk:

Detecting (un)Intentionally Hidden Injected Code by Examining Page Table Entries

Links to the paper, presentation and all material to reproduce the results for the research presented at DFRWS USA 2019:

Windows Memory Forensics: Detecting (un)intentionally hidden injected Code by examining Page Table Entries

Slides, whitepaper and exploit code for the BlackHat USA 2019 talk:

APIC's Adventures in Wonderland

For the current version of the ptenum Rekall plugin and the corresponding paper:

For the current version of linux heap analysis plugins:

For more Rekall plugins:

Rekall plugins

For the current version of gunziper, see here

The last (but not anymore supported) version of tsakwaf: tsakwaf-0.9.7

Note: for tsakwaf, the perl modules IO-Socket-SSL resp. HTML-Parser are needed