😣Memory Forensics: Using Volatility Framework

☢️ Memory Acquisition
☢️Importance of Memory Acquisition
☢️Dump Format Supported
☢️Memory Analysis Plugins
☢️Imageinfo
☢️Kdbgscan
☢️Processes
☢️DLLs
☢️Handles
☢️Netscan
☢️Hivelist
☢️Timeliner
☢️Hashdump
☢️Lsadump
☢️Modscan
☢️Filescan
☢️Svcscan
☢️History
☢️Dumpregistry
☢️Moddump
☢️Procdump
☢️Memdump
☢️notepad

#memory #forensic #volatility
تیم سورین

✔️Orochi
The Volatility Collaborative GUI for Memory Forensics!

😎https://github.com/LDO-CERT/orochi?tab=readme-ov-file

#volatility #memory #tools #forensics
تیم سورین

😘Volatility Framework Update: Version 2.7.0 is Here!

Volatility specializes in analyzing memory dumps across various operating systems and enables us to explore the state of a system at the time of the memory dump.

• Running Processes
• Active Network Connections
• Loaded Drivers | DLLs
• Code Injections
• Malware Artifacts
• Executed commands
• Opened files
• and many more

☺️ https://github.com/volatilityfoundation/volatility3/releases/tag/v2.7.0

#volatility
تیم سورین