Just in time for the holidays, we have a new update to the SANS Memory Forensics Cheatsheet! Plugins for the Volatility memory analysis project are organized into relevant analysis steps, helping the analyst walk through a typical memory investigation. We added new plugins like hollowfind and dumpregistry, updated plugin syntax, and now include help for those using the excellent winpmem and DumpIt acquisition tools. The cheatsheet includes nearly everything you need to spend a relaxing evening at home analyzing memory dumps. Enjoy!
Article Link: http://forensicmethods.com/sans-memory-forensics