Thank you for creating this demo on using Volatility. The 18 minute exercise is a nice bite-sized example that is explained clearly both in voice and with screen depictions : )
Prof K, this has been an absolute wonder of a video. I am currently studying Cybersecurity and we are going over Forensics, I came across Volatility and well this video ties it together. Thank you for doing this for those of us that are learning the tool.
Thank you, Professor K, for this wonderful class you have rendered.
Thank you for creating this demo on using Volatility. The 18 minute exercise is a nice bite-sized example that is explained clearly both in voice and with screen depictions : )
You're welcome!
Prof K, this has been an absolute wonder of a video. I am currently studying Cybersecurity and we are going over Forensics, I came across Volatility and well this video ties it together. Thank you for doing this for those of us that are learning the tool.
Glad it helped!
Amazing walk through!!! Thank you so much!
Amazing!
I am preparing for a CTF event and this is so helpful, thank you professor!
Super Skibidi Professor K
This was amazing, thank you.
THANK YOU!
Thanks Professor, Can you please add the commands in the description?
volatility.exe sample.raw imageinfo
volatility.exe sample.raw --profile=win7SP1x64 pslist
volatility.exe sample.raw --profile=win7SP1x64 pstree
volatility.exe sample.raw --profile=win7SP1x64 cmdscan
volatility.exe sample.raw --profile=win7SP1x64 hivelist
volatility.exe sample.raw --profile=win7SP1x64 print key -K “Software\Microsoft\Windows\CurrentVersion\Run”
volatility.exe sample.raw --profile=win7SP1x64 cmdline
volatility.exe sample.raw --profile=win7SP1x64 procdump -p -dump-dir .
strings .dmp | grep -Fi “” -C 5
strings .dmp | grep -Fi “svchost.exe”
strings .dmp | less
Im gonna kiss you.
. Been stuck on this ❤❤❤❤❤❤