> ## Documentation Index
> Fetch the complete documentation index at: https://docs.socfortress.co/llms.txt
> Use this file to discover all available pages before exploring further.

# Volatility 3 Malware Hunting (Full Tutorial)

> Memory-forensics workflow for malware hunting using Volatility 3.

**Video:** [https://www.youtube.com/watch?v=R1X8V9yy\_Y4](https://www.youtube.com/watch?v=R1X8V9yy_Y4)

## Goal

Use Volatility 3 to hunt malware and suspicious activity in memory dumps.

## When to use

* When you have a memory capture from a suspicious host
* When you need deeper insight than disk/EDR telemetry provides

## Prereqs

* Memory dump acquired and stored securely
* Volatility 3 available in your analysis environment

## Procedure (high level)

1. Identify profile/context and validate the dump
2. Enumerate processes and suspicious artifacts
3. Pivot into network, modules, command lines, and persistence indicators
4. Document findings and feed back into detections

## Validation

* Findings are reproducible and mapped to concrete evidence
