AutoTimeliner: automatically extract forensic timeline from memory dumps

Often, during an incident response, may be necessary to analyze a lot of evidences, like disk and memory dumps.
Continue reading “AutoTimeliner: automatically extract forensic timeline from memory dumps”