PluralSight – Digital Forensics: Memory and Volatility 2026
English | Tutorial | Size: 230.11 MB
Unlock the secrets hidden in a system’s memory. This course will teach you how to capture, analyze, and interpret live memory to detect malware, hidden processes, and credential artifacts, turning volatile data into actionable forensic evidence.
What you’ll learn
Modern cyber incidents often leave little trace on disk, making it difficult to uncover malware, credential theft, or hidden processes. In this course, Digital Forensics: Memory and Volatility, you’ll learn to capture and analyze live system memory to uncover critical forensic evidence. First, you’ll explore how to safely acquire memory from a running system using tools like DumpIt and WinPMEN. Next, you’ll discover how to extract and analyze processes, sockets, loaded DLLs, and credentials with Volatility. Finally, you’ll learn how to detect malware, rootkits, and injected code, and correlate memory artifacts with other evidence to build a complete incident timeline. When you’re finished with this course, you’ll have the skills and knowledge in memory forensics needed to turn volatile data into actionable evidence for incident response and forensic investigations.
DOWNLOAD: