Linux Forensics: Memory Capture and Analysis

In my previous posts I often covered many tools and techniques that allow memory acquisition from a Windows system. However, I have written few articles about Linux memory acquisition and analysis: only one brief post regarding memory profile generation on Linux, using LiME.

Continue…

What’s new in Volatility 3?

In recent years, the way that operating systems are developed, deployed, and maintained has evolved quickly.
Similarly, the skillsets of memory analysts and their preferred workflows have changed to meet a world with increasingly large volumes of complex data.
In order to address these challenges, the Volatility development team has developed an entirely new version of the framework.

Continue…