memtriage v0.3.2-alpha: quickly query a Windows machine for RAM artifacts
memtriage Allows you to quickly query a live Windows machine for RAM artifacts This tool utilizes the Winpmem drivers to access physical memory and Volatility for analysis. Caveats: Doesn’t work with Device Guard enabled. Should be tested on...
