Memory Forensics Volatility Plugins


1. Identify Rogue Processes

1.1. pslist

1.2. psscan

1.3. pstree

1.4. malprocfind

2. Analyzing Process Objects

2.1. dlllist

2.2. cmdline

2.3. getsids

2.4. handles

2.5. mutantscan

2.6. svcscan

2.7. servicebl

3. Network Artifacts

3.1. connections

3.2. connscan

3.3. sockets

3.4. netscan

4. Code Injection

4.1. ldrmodules

4.2. malfind

4.3. hollowfind

4.4. threadmap

5. Hooking & Rootkit Detection

5.1. ssdt

5.2. psxview

5.3. modscan

5.4. apihooks

5.5. driverirp

5.6. idt

6. Extracting Processes, Drivers & Objects

6.1. dlldump

6.2. moddump

6.3. procdump

6.4. memdump

6.5. cmdscan

6.6. consoles

6.7. dumpfiles

6.8. filescan