Please enable JavaScript.

Coggle requires JavaScript to display documents.

Volatility - Coggle Diagram

- - - - Leafpad
        
        Text edior
      - 2.3 Investigate Command History
        
        cmdscan
        
        Extract command history
        
        Consoles
      - 2.4 Investigate suspect's USB
        
        DeviceClasses
        
        Describe a type of device
        
        Enum
      - 2.2 Investigate Internet History
        
        iehistory
      - 2.1 Investigate Explorer History
        
        shellbags
        
        keep track of folder settings
      - 2.5 Crack Window's Password
        
        John the Ripper
        
        To crack the password
        
        Hashdump
        
        Allocate memory inside processes
      - 2.6 Investigate Chrome History
        
        chromehistory
      - 2.7 Network Forensic
        
        Netscan
        
        Scan Network
        
        pslist
        
        Display a list of running processes
        
        Yarascan
        
        Identify and classify malware samples
      - Memory forensics investigation
    - - computes and displays selected image attributes
    - - Details of virtual and physical addresses