Memlabs

Pre-requisites

  • Get your Linux machine ready (preferred).

  • Make sure the Volatility framework is either installed or cloned from GitHub.

Some basic pointers that are common for all the labs

  • I'll be using Volatility 2 for the labs. You can try with Volatility 3 too.

  • Always start with what you know and investigate from there. If you randomly run plugins, everything will look suspicious.

  • Create a separate folder for each lab and download the lab files into it. Also, create an output directory inside each lab directory to hold the dump files.
