Good afternoon, Mark,
I'm your follower because of Autopsy :-)
I would have some requests for help in using this forensic tool being a RAM DAMP analysis technician and so I would like to try to get some useful results. First I would like to start talking about the results obtained with Volatility Dump Files Module thanks also to your article (https://medium.com/@markmckinnon_80619/volatility-autopsy-plugin-module-8beecea6396) ... in the "Module Output" folder of my processed case I can extract contents with .dat, .iso and other formats ... the question I ask is how can I make them available and usable by retrieving the files (.doc, .docx, .xls, .xlsx, .pdf, .txt ...)? This result would be very important for me!
Mark can I ask you why the results of the (very useful) forms, except "Extracted Contact"
, I don't display them in the Autopsy graphical results tree?
Good afternoon, Mark, I'm your follower because of Autopsy :-) I would have some requests for help in using this forensic tool being a RAM DAMP analysis technician and so I would like to try to get some useful results. First I would like to start talking about the results obtained with Volatility Dump Files Module thanks also to your article (https://medium.com/@markmckinnon_80619/volatility-autopsy-plugin-module-8beecea6396) ... in the "Module Output" folder of my processed case I can extract contents with .dat, .iso and other formats ... the question I ask is how can I make them available and usable by retrieving the files (.doc, .docx, .xls, .xlsx, .pdf, .txt ...)? This result would be very important for me! Mark can I ask you why the results of the (very useful) forms, except "Extracted Contact"
, I don't display them in the Autopsy graphical results tree?
