THM - Advent of Cyber 2022 - Day 11
Difficulty: 
Challenge Link
OS: Linux/Windows
This challenge is focused on doing Memory Forensics.
To access the memory dump, you will need to deploy the machine attached to this task by pressing the green "Start Machine" button located at the top-right of this task. The machine should launch in a split-screen view. If it does not, you will need to press the blue "Show Split Screen" button near the top-right of this page.
Volatility and the memory file (named workstation.vmem) is located in /home/elfmcblue/volatility3.
