MODULE 10
Memory Hunting with Volatility
Analyzing RAM dumps for unlinked processes and injected code.
Volatility Commands
Volatility analyzes memory dumps for hidden threats.
vol.py -f memory.dmp windows.pslist
vol.py -f memory.dmp windows.malfind
vol.py -f memory.dmp windows.netscan
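
The three outputs are most useful when joined on PID. The sketch below is an added example, not part of the original module: it assumes each plugin was run with Volatility 3's JSON renderer (`-r json`), the column names are assumptions to check against your build, and the sample rows are constructed.

```python
import json

# Constructed sample rows, trimmed to the columns used here. Column names follow
# Volatility 3's `-r json` renderer as an assumption; verify against your build.
PSLIST = json.loads("""[
  {"PID": 4, "PPID": 0, "ImageFileName": "System"},
  {"PID": 612, "PPID": 4, "ImageFileName": "services.exe"},
  {"PID": 2040, "PPID": 612, "ImageFileName": "svchost.exe"},
  {"PID": 3388, "PPID": 2040, "ImageFileName": "notepad.exe"}]""")
MALFIND = json.loads("""[
  {"PID": 3388, "Process": "notepad.exe", "Start VPN": 2031616,
   "Protection": "PAGE_EXECUTE_READWRITE"}]""")
NETSCAN = json.loads("""[
  {"PID": 2040, "Owner": "svchost.exe", "State": "LISTENING",
   "ForeignAddr": "0.0.0.0", "ForeignPort": 0},
  {"PID": 3388, "Owner": "notepad.exe", "State": "ESTABLISHED",
   "ForeignAddr": "203.0.113.10", "ForeignPort": 443},
  {"PID": 5120, "Owner": "updater.exe", "State": "ESTABLISHED",
   "ForeignAddr": "203.0.113.77", "ForeignPort": 8080},
  {"PID": null, "Owner": null, "State": "CLOSED",
   "ForeignAddr": "198.51.100.5", "ForeignPort": 80}]""")


def triage(pslist, malfind, netscan):
    """Correlate the three plugin outputs by PID and return review leads."""
    procs = {row["PID"]: row for row in pslist}
    injected = {}
    for hit in malfind:  # one row per suspicious memory region
        lead = injected.setdefault(hit["PID"], {
            "name": hit["Process"], "regions": [], "remote": []})
        lead["regions"].append((hex(hit["Start VPN"]), hit["Protection"]))
    unlisted = []
    for conn in netscan:
        pid = conn.get("PID")
        if pid is None or conn.get("State") == "LISTENING":
            continue  # no owner recovered, or no remote peer to report
        peer = f'{conn["ForeignAddr"]}:{conn["ForeignPort"]}'
        if pid in injected:
            injected[pid]["remote"].append(peer)
        if pid not in procs:
            # netscan scans memory for connection objects, pslist walks the
            # active process list: an owner missing from pslist has exited
            # or been unlinked, so it deserves a closer look.
            unlisted.append((pid, conn.get("Owner"), peer))
    return injected, unlisted


if __name__ == "__main__":
    print(json.dumps(triage(PSLIST, MALFIND, NETSCAN), indent=2))
```

A malfind hit is a lead rather than a verdict, since some legitimate software also allocates writable, executable memory; the remote peers attached to each hit help decide which ones to examine first.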