SANS Memory Forensics Cheat Sheet

By Chad Tilbury on December 11, 2017 in Memory Forensics — Leave a comment

Just in time for the holidays, we have a new update to the SANS Memory Forensics Cheatsheet!  Plugins for the Volatility memory analysis project are organized into relevant analysis steps, helping the analyst walk through a typical memory investigation.  We added new plugins like hollowfind and dumpregistry, updated plugin syntax, and now include help for those using the excellent winpmem  and DumpIt acquisition tools.  The cheatsheet includes nearly everything you need to spend a relaxing evening at home analyzing memory dumps.  Enjoy!

Volatility Memory Forensics Cheat Sheet

No Comments

Be the first to start the conversation.

Leave a Reply