Skip to main content


Gets the list of processes that have connections to IP addresses with a bad reputation.

Script Data#

Script Typejavascript
Tagsmemory, forensics, volatility, server


Argument NameDescription
memdumpThe path to memory dump the file on the system being used.
systemThe system with Volatility installed to be used for the analysis.
profileThe Volatility profile to use.
repthresholdThe reputation threshold. Any IP addresses up to and including this score are considered malicious.
repscriptThe reputation script to use to check IP addresses.


There are no outputs for this script.