Memory analysis on Windows 10 is pretty different from previous Windows versions: a new feature, called Memory Compression, make it necessary a forensic tool able to read compressed memory pages. Windows 10 memory compression Recent releases of Windows 10 include the memory compression feature, which is capable of reducing the memory usage by compressing some […]
Article Link: https://www.andreafortuna.org/2019/08/01/forensic-analysis-of-windows-10-compressed-memory-using-volatility/