Today I want to briefly take up a topic already addressed in a previous post: analysis of Windows 10 memory dumps using Volatility 2. In my previous article, I’ve recommended to use a FireEye‘s custom version of Volatility [1], with additional profiles specific to Windows 10 memory dumps. However, this version is now little updated, […]
The post How to process recent Windows 10 memory dumps in Volatility 2 first appeared on Andrea Fortuna.Article Link: https://www.andreafortuna.org/2020/12/23/how-to-process-recent-windows-10-memory-dumps-in-volatility-2/