GitBook: [master] one page modified

2020-12-22 00:56:21 +00:00 · 2020-12-22 00:56:21 +00:00 · b77da73020
commit b77da73020
parent 94412f8916
1 changed files with 1 additions and 0 deletions
--- a/forensics/volatility-examples.md
+++ b/forensics/volatility-examples.md
@ -526,6 +526,7 @@ volatility --profile=Win7SP1x86_23418 dumpcerts --dump-dir=. -f file.dmp
 {% tab title="vol3" %}
 ```bash
 ./vol.py -f file.dmp windows.malfind.Malfind [--dump] #Find hidden and injected code, [dump each suspicious section]
+#Malfind will search for suspicious structures related to malware
 ./vol.py -f file.dmp windows.driverirp.DriverIrp #Driver IRP hook detection
 ./vol.py -f file.dmp windows.ssdt.SSDT #Check system call address from unexpected addresses
 ```