Recovering Tmpfs from Linux Memory Samples with Volatility
Andrew Case recently wrote another interesting blog post describing his new tmpfs plugin for Volatility. This plugin has a number of exciting and unexpected forensic applications, especially when you start analyzing Android samples. (Rumor has it this years DFRWS Rodeo involved analyzing Android memory samples with Volatility.) Shoutz to Andrew! You will not want to miss his OMFW presentation!
