memory-forensics
Acquire and analyze RAM dumps with Volatility for incident response and malware analysis.
🛡️ AgentReady threat assessment
MAESTRO 7-layer threat model + OWASP AIVSS risk score for memory-forensics, derived from its capabilities.
AIVSS 8.8 · High
Overview
An Agent Skill that injects memory-forensics workflows: live memory acquisition, process/artifact extraction, and injected-code detection using Volatility 3 and Rekall. It covers recovering credentials, sessions, and network connections from RAM captures. The skill guides the agent through triage of memory dumps during breach investigations.
Key features
- Volatility 3 / Rekall analysis workflows
- Live memory acquisition guidance
- Injected-code and credential recovery
Use cases
- Incident-response memory triage
- Extracting malware artifacts from RAM