D2Rekall
This Script is part of the D2 (Deprecated) Pack.
Executes Rekall on a system (usually a forensics workstation) and analyzes a memory dump file located on that system.
Script Data
| Name | Description |
|---|---|
| Script Type | javascript |
| Tags | agent, memory, forensics |
Inputs
| Argument Name | Description |
|---|---|
| file | The path to the memory dump file in the machine's filesystem. |
| format | The format argument for Rekall. For example, json or text. |
Outputs
There are no outputs for this script.