[Vol-users] Recover password from memory dump

Hi all, I'm new on volatility so sorry if this question does not fit the purpose of this mailing list. I was starting play with LiME (Linux Memory Extract)[1] and I was able to dump a memory image of an Android Emulator where ChatSecure[2] was running. ChatSecure asked a master password at the first run and this password is stored by using a library called CacheWord [3]. Here the question: in order to find out if ChatSecure stores this password in memory, how should I use volatility? A doc/tutorial link or any suggestion are more than welcome. Thanks, Massimo [1] https://github.com/504ensicsLabs/LiME [2] https://github.com/guardianproject/ChatSecureAndroid [3] https://github.com/guardianproject/cacheword