TCP Connections

The CONSOLE OUPUT from Volatility Framework is generated after executing the connscan plugin on the captured memory image.

Console Output

Volatility Foundation Volatility Framework 2.6
Offset(P)  Local Address             Remote Address            Pid
---------- ------------------------- ------------------------- ---
0x02087620 172.16.112.128:1038       41.168.5.140:8080         1484
0x023a8008 172.16.112.128:1037       125.19.103.198:8080       1484