Hi All, I've been using Volatility few days ago, and I'm still new at this time. and until now I only use it only to look at it with regular orders...like 1. pslist 2. files 3.connections 4.etc. And I know, the information obtained from the volatility by the extraction of digital artifacts from volatile memory (RAM) is very useful in the investigation, but I do not know how to utilize, maximize, and use that information obtained by the volatility. and I know, here is the place of great people who can teach me how to better optimize the extraction of information on the results of volatility. Is there that can help me to better optimize the volatility ... please help me. I will very grateful for all help. Regards. Kalmaun.