关于
This skill equips Claude with specialized knowledge for performing advanced memory forensics, focusing on the Volatility 3 framework and live acquisition techniques for Windows, Linux, and macOS. It streamlines the investigation process by providing standardized workflows for incident response and malware analysis, enabling users to detect hidden processes, identify code injection, analyze network connections, and extract critical system artifacts like registry hives or credentials from RAM captures. It is an essential companion for security researchers and incident responders looking to automate and standardize their memory analysis patterns.