A Volatility 3 plugin framework recovers runtime C2 endpoints, keys, and execution state from Go malware by parsing internal heap, stack, and goroutine structures.
Accessed: 2026-01-16
1 Pith paper cite this work. Polarity classification is still indexing.
1
Pith paper citing it
fields
cs.CR 1years
2026 1verdicts
UNVERDICTED 1representative citing papers
citing papers explorer
-
Memory Forensics Techniques for Automated Detection and Analysis of Go Malware
A Volatility 3 plugin framework recovers runtime C2 endpoints, keys, and execution state from Go malware by parsing internal heap, stack, and goroutine structures.