Volatility User Guide

Danielle Kelly and Xavi Bilbao have extended the Volatility User Guide. The stand-alone version of Volatility suits those who mostly use the provided plug-ins and do not need to do any development. Volatility is an open source memory forensics framework for incident response and malware analysis. It is written in Python and supports Microsoft Windows, Mac OS X, and Linux.

 
This user guide contains basic steps for creating and exploring memory dumps. Investigating processes is important for gaining an overview of which applications are running, and it is a good initial step when investigating RAM on 32-bit and 64-bit systems.

 
