Memory-image forensics

TL;DR: Volatility / Volatility3 against a raw memory dump; recover processes, network sessions, encryption keys, mimikatz artefacts.

Stub — to be filled in.

What it is

TODO

Preconditions / where it applies

TODO

Technique

TODO

Detection and defence

TODO

References