Category: Forensics


Santoku, a linux distribution for Android forensic analysis

Santoku is a bootable linux distribution focused on mobile forensics, analysis, and security. It comes with pre-installed platform SDKs, drivers and utilities and allows auto detection and setup of new connected mobile devices. Santoku Linux is a free and open community project sponsored by NowSecure who provide core team members, and some tools for inclusion in the […]

Cybersecurity, Forensics, Volatility

How to retrieve user’s passwords from a Windows memory dump using Volatility

About Volatility i have written a lot of tutorials, now let’s try to use this information in a real context extracting the password hashes from a windows memory dump, in 4 simple steps. 1. Identify the memory profile First, we need to identify the correct profile of the system: root@Lucille:~# volatility imageinfo -f test.elf Volatility […]