From 41685cb3fa2f0cece1ebb8e0ee884762a7ed4701 Mon Sep 17 00:00:00 2001 From: k1nd0ne Date: Wed, 27 Nov 2024 23:23:51 +0100 Subject: [PATCH] Update README.md --- README.md | 24 +++++++++++++----------- 1 file changed, 13 insertions(+), 11 deletions(-) diff --git a/README.md b/README.md index 5f944ba..da44268 100644 --- a/README.md +++ b/README.md @@ -8,9 +8,7 @@ VolWeb is a digital forensic memory analysis platform that leverages the power of the Volatility 3 framework. It is dedicated to aiding in investigations and incident responses. - - -## Objectives +## ๐Ÿงฌ Objectives The goal of VolWeb is to enhance the efficiency of memory collection and forensic analysis by providing a centralized, visual, and enhanced web application for incident responders and digital forensics investigators. Once an investigator obtains a memory image from a Linux or Windows system (Mac coming soon), the evidence can be uploaded to VolWeb, which triggers automatic processing and extraction of artifacts using the power of the Volatility 3 framework. @@ -18,7 +16,7 @@ Once an investigator obtains a memory image from a Linux or Windows system (Mac By utilizing hybrid storage technologies, VolWeb also enables incident responders to directly upload memory images into the VolWeb platform from various locations using dedicated scripts interfaced with the platform and maintained by the community. Another goal is to allow users to compile technical information, such as Indicators, which can later be imported into modern CTI platforms like OpenCTI, thereby connecting your incident response and CTI teams after your investigation. -# Project Documentation and Getting Started Guide +# ๐Ÿ“˜ Project Documentation and Getting Started Guide The project documentation is available on the Wiki. There, you will be able to deploy the tool in your investigation environment or lab. 
@@ -30,7 +28,11 @@ There, you will be able to deploy the tool in your investigation environment or A quick disclaimer: VolWeb is meant to be use in conjunction with the volatility3 framework CLI, it offers a different way to review & investigate some of the results and will not do all of the deep dive analysis job for you. -## Investigate +## ๐Ÿ’ฟ Hybrid storage solution + +Your evidences are uploaded to the VolWeb plateform and is using filesystem analyse by default for having the best performances. But you can also bind evidences from a cloud storage solution (AWS/MINIO) and bind them to your cases in order to perform the analysis directly on the cloud. + +## ๐Ÿ”ฌ Investigate The investigate feature is one of the core feature of VolWeb. It provides an overview of the available artefacts that were retrived by the custom volatiltiy3 engine in the backend. @@ -40,7 +42,7 @@ You also get a enhanced view of all of the plugins results by categories. image -## Explore +## แจ Explore ยซย _Defenders think in lists. Attackers think in graphs. As long as this is true, attackers win._ย ยป The explore feature comes with VolWeb 3.0 for Windows investigations (coming soon for Linux). @@ -48,7 +50,7 @@ It enable the memory forensics expert to investigate potential suspicious proces image -## Capitalize and share indicators +## ๐Ÿšจ Capitalize and share STIX V2 Indicators When the expert found malicious activies, VolWeb give you the possibility to create STIX V2 Indicators directly from the interface and centralize them in your case. Once your case is closed, you can generate you STIX bundle and share your Indicators with your community using CTI Platforms like MISP or OpenCTI. 
@@ -56,7 +58,7 @@ Once your case is closed, you can generate you STIX bundle and share your Indica image -## Interacting with the REST API +## ๐Ÿชก Interacting with the REST API VolWeb exposes a REST API to allow analysts to interact with the platform. A swagger is available on the platform in oder to get the full documentation. There is a dedicated repository proposing some scripts maintained by the community: https://github.com/forensicxlab/VolWeb-Scripts . @@ -69,14 +71,14 @@ VolWeb is using django in the backend. Manage your user and database directly fr image -# Issues & Feature request +# ๐Ÿ‘” Issues & Feature request If you have encountered a bug, or wish to propose a feature, please feel free to create a [discussion](https://github.com/k1nd0ne/VolWeb/discussions) to enable us to quickly address them. Please provide logs to any issues you are facing. -# Contributing +# ๐Ÿค˜ Contributing -VolWeb is open to contributions. Follow the contributing guideline to propose features. +VolWeb is open to contributions. Follow the contributing guideline in the documentation to propose features. # Contact
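Review bot: the emoji prefixes added to the two headings in the first hunk (`## Objectives` and `# Project Documentation and Getting Started Guide`) arrive in this patch as mojibake (`๐Ÿงฌ`, `๐Ÿ“˜`), which usually means the file or the patch was written or read in a non-UTF-8 encoding; confirm README.md is saved as UTF-8 and that the characters actually render on GitHub before merging. While these headings are being touched, note that `Objectives` is an H2 while `Project Documentation and Getting Started Guide` directly below it is an H1, so the section hierarchy reads backwards; pick one level for the top-level sections.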
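Review bot: the new `Hybrid storage solution` paragraph in the second hunk needs a grammar pass before it goes in: `Your evidences are uploaded to the VolWeb plateform and is using filesystem analyse by default for having the best performances` should read along the lines of `Evidence is uploaded to the VolWeb platform and analysed from the local filesystem by default, which gives the best performance`, and the second sentence binds the evidence twice (`bind evidences from a cloud storage solution (AWS/MINIO) and bind them to your cases`). Name the storage precisely as well, since `AWS/MINIO` is ambiguous: if what is meant is S3-compatible object storage (Amazon S3 or MinIO), say so, and point the reader at where the bucket endpoint and credentials are configured (the Wiki, per the documentation section above), because someone deciding whether evidence stays on local disk or goes into a bucket will want that before uploading. The unchanged context line `VolWeb is meant to be use in conjunction` could become `meant to be used` in the same pass.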
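Review bot: the glyph added to `## Explore` in the third hunk shows up as a single character (`แจ`) rather than the four-character mojibake sequence every other emoji in this patch produces, so it is either a different kind of code point or one that did not survive the encoding round-trip; check that it renders as the intended emoji on GitHub rather than as an empty box. The quotation on the following context line (`ยซย _Defenders think in lists...`) shows the same damage around the guillemets and non-breaking spaces, which supports treating this as a file-encoding problem rather than a per-character one.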
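Review bot: the renamed heading in the fourth hunk, `## ๐Ÿšจ Capitalize and share STIX V2 Indicators`, now matches the body text below it (`create STIX V2 Indicators`), which is good, but `Capitalize` reads as the French *capitaliser* (to build up a knowledge base) and English readers will take it as a casing operation; `Record and share STIX indicators` or `Collect and share STIX indicators` says what the feature does. The standard is also written `STIX 2` or `STIX 2.1`, not `STIX V2`; if the bundles VolWeb generates are STIX 2.1, stating the minor version tells MISP and OpenCTI users what to expect on import.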
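Review bot: since the fifth hunk rewrites the `Interacting with the REST API` heading, take the typo on the context line two lines below it in the same change: `A swagger is available on the platform in oder to get the full documentation` should be `Swagger (OpenAPI) documentation is available on the platform`, and the stray ` .` after the VolWeb-Scripts URL should be attached to the sentence. It would also help analysts scripting against the platform to say where the Swagger UI is served and how API requests are authenticated, since this section is where they will look for it first.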
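Review bot: in the last hunk, `Follow the contributing guideline in the documentation to propose features` replaces a vague pointer with a slightly less vague one; since the README already links the Wiki and the discussions page elsewhere, link the contributing guidelines directly (or name the page) instead of sending the reader to find `the documentation`, and make it `guidelines`. The heading `Issues & Feature request` should be `Issues & Feature requests`, and the paragraph under it asks for bugs to be filed as a discussion rather than as an issue, which contradicts the heading; if discussions are the intended intake, say so in the heading.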