For those who weren't at Shmoocon (and maybe some who were), I wanted to release the slides for the talk I just gave with Alissa Torres (@sibertor) at Shmoocon. The talk was on creating fake operating system objects in memory. The idea was to show how trivial it is to fool our current memory forensics tools.
I'm on 4G (pay per bandwidth) and hotel Internet, so memdumps will probably have to wait until Tuesday. I'm attending Shmoocon Epilogue on Monday before returning home. I'll give uploading images a shot overnight, but I can't promise anything given the large size and slow Internet. In any case, I figure I'll have sample memory dumps up on Mediafire by Tuesday night.
For now, I have uploaded our slides for your perusal:
The code will be up on Google Code once I get a chance to clean it up (give me a week or two).