| Command | What it does | When to use |
|---|---|---|
vm | Memory usage summary | Check system pressure |
kmem -i | Kernel memory info | Slab / allocation issues |
kmem -s | Slab caches | Detect anomalies / leaks |
rd <addr> | Read memory (raw) | Manual inspection |
struct <type> <addr> | Decode struct | Kernel structure analysis |
BLUE TEAM / MALWARE REVERSE / LINUX / CRASH