volatility▌
4 indexed skills · max 10 per page
conducting-memory-forensics-with-volatility
mukul975/Anthropic-Cybersecurity-Skills · conducting-memory-forensics-with-volatility
Performs memory forensics analysis using Volatility 3 to extract evidence of malware execution, process injection, network connections, and credential theft from RAM dumps captured during incident response. Covers memory acquisition, process analysis, DLL inspection, and malware detection. Activates for requests involving memory forensics, RAM analysis, Volatility framework, memory dump investigation, volatile evidence analysis, or live memory acquisition.
performing-memory-forensics-with-volatility3
mukul975/Anthropic-Cybersecurity-Skills · performing-memory-forensics-with-volatility3
Analyze volatile memory dumps using Volatility 3 to extract running processes, network connections, loaded modules, and evidence of malicious activity.
extracting-credentials-from-memory-dump
mukul975/Anthropic-Cybersecurity-Skills · extracting-credentials-from-memory-dump
Extract cached credentials, password hashes, Kerberos tickets, and authentication tokens from memory dumps using Volatility and Mimikatz for forensic investigation.
analyzing-memory-forensics-with-lime-and-volatility
mukul975/Anthropic-Cybersecurity-Skills · analyzing-memory-forensics-with-lime-and-volatility
Performs Linux memory acquisition using LiME (Linux Memory Extractor) kernel module and analysis with Volatility 3 framework. Extracts process lists, network connections, bash history, loaded kernel modules, and injected code from Linux memory images. Use when performing incident response on compromised Linux systems.