archive
Tag: Volatility

2016/10/10

Most Recent Used (MRU) Peek-A-Book

In this post, we will cover some cool ways to review the Most Recent Used (MRU) keys from the Windows registry. The goal of the article is to show how these keys can be useful, explain how to review them using RegRipper, and provide a means to review these keys directly from a memory image[…]

2014/05/19

Physical Memory Analysis – Volatility

by Destruct_Icon
Categories: Analysis, Host Forensics
Tags: ,
Comments: Leave a Comment

Volatility So far we have gone through two other means of memory analysis; Bulk Extractor and Foremost. We plan to go very deep into Volatility at a later date but, as this run of posts is about basics of phys mem, I want to keep this relatively short and sweet. Volatility is a collection of[…]


Today is Tuesday
2017/06/27