Tools

Volatility

#Install
git clone https://github.com/volatilityfoundation/volatility3.git

#Commands 2
python vol.py -f victim.raw imageinfo
python vol.py -f victim.raw --profile Win7SP1x64 pstree
python vol.py -f victim.raw --profile Win7SP1x64 shellbags
python vol.py -f victim.raw --profile Win7SP1x64 netscan
python vol.py -f victim.raw --profile Win7SP1x64 malfind
python vol.py -f victim.raw --profile Win7SP1x64 -p <PID> memdump -D .
python vol.py -f victim.raw --profile Win7SP1x64 -p <PID> envars 

#Commands 3
python3 vol.py -f victim.raw windows.info.Info
python3 vol.py -f victim.raw windows.pstree.PsTree
python3 vol.py -f victim.raw windows.netscan.NetScan
python3 vol.py -f victim.raw windows.malfind.Malfind
python3 vol.py -f victim.raw windows.filescan

References

• https://github.com/volatilityfoundation/volatility/wiki/Command-Reference#shellbags

Aircrack-ng

Wifi

#Comamnds
aircrack-ng file.cap -w rockyou.txt

Binwalk

#Commands
binwalk -e file #To Extract

PCRT

• https://github.com/sherlly/PCRT

• Fix PNG