Autopsy-Plugins icon indicating copy to clipboard operation
Autopsy-Plugins copied to clipboard

Published 20 hours ago verified publisher icon markmckinnon

Volatility Dump Files Module

Open Giak1234 opened this issue 5 years ago • 0 comments

Good afternoon, Mark, I'm your follower because of Autopsy :-) I would have some requests for help in using this forensic tool being a RAM DAMP analysis technician and so I would like to try to get some useful results. First I would like to start talking about the results obtained with Volatility Dump Files Module thanks also to your article (https://medium.com/@markmckinnon_80619/volatility-autopsy-plugin-module-8beecea6396) ... in the "Module Output" folder of my processed case I can extract contents with .dat, .iso and other formats ... the question I ask is how can I make them available and usable by retrieving the files (.doc, .docx, .xls, .xlsx, .pdf, .txt ...)? This result would be very important for me! Mark can I ask you why the results of the (very useful) forms, except "Extracted Contact" Extracted_Content , I don't display them in the Autopsy graphical results tree? Views

Giak1234 avatar Feb 08 '20 14:02 Giak1234