WIN32

# PSParent Plugin Volatility 3 **PSParent** is a custom plugin for the [Volatility 3 memory forensics framework](https://github.com/volatilityfoundation/volatility3). It performs **dynamic parent-child process relationship validation**, using built-in Windows behavioral rules to...

# OrphanDLLs Plugin Volatility 3 **OrphanDLLs** is an advanced custom plugin for the [Volatility 3 memory forensics framework](https://github.com/volatilityfoundation/volatility3). It is designed to detect **unlinked, hidden, or reflectively loaded DLLs** and...

# live.py – Volatility 3 Live System Analysis Plugin `live.py` is a custom plugin for **Volatility 3** designed to extend its capabilities for **real-time forensic data collection and threat hunting**...

# OrphanProcs Plugin — Volatility 3 **OrphanProcs** is a custom plugin for the [Volatility 3 memory forensics framework](https://github.com/volatilityfoundation/volatility3). Its primary function is to detect and list processes whose parent process...

# procgraph.py – Process Connectivity & Relationship Visualization (Volatility 3 Plugin) `procgraph.py` is a **Volatility 3 plugin** designed to map **process relationships and connectivity** from a Windows memory dump. It...

# desktopfiles.py – Enhanced Desktop Artifacts Scanner (Volatility 3 Plugin) `desktopfiles.py` is a powerful **Volatility 3 plugin** built for **Windows memory forensics**, designed to identify and analyze files and folders...

Fileless Malware Hunter Volatility3 Plugin

1

# fileless.py – Advanced Fileless Malware Hunter (Volatility 3 Plugin) `fileless.py` is a dedicated **Volatility 3 plugin** built for advanced forensic analysis of **Windows memory dumps**. Its primary focus is...