[Vol-users] Linux keyword search?
Scott Ehrlich
27 Nov
2012
27 Nov
'12
2:18 p.m.
A review of the Linux-capable version of volatility doesn't seem to
indicate any option of performing a keyword search of captured memory.
Is this correct?
Also, I don't recall seeing an option in pmem.ko for capturing
virtual/shared memory versus physical memory. Am I missing
something?
Thanks.
Scott