SANS recently published a good summary of Windows memory forensics acquisition and analysis tools. It’s a good compilation
Windows Memory Forensics Tools
«
23 December 2008 |
21:32 |
Forensics, Resources, Tools |
2 Comments | 561 Views
»
Forensic memory dumping issues
«
6 June 2006 |
11:44 |
Forensics, Live Response |
No Comments | 2,139 Views
»
Arne Vidstrom from ntsecurity.nu wrote an interesting paper about problems with forensic RAM dumps from Windows XP. His summary on this topic
Arne Vidstrom from ntsecurity.nu wrote an interesting paper about problems with forensic RAM dumps from Windows XP. His summary on this topic
windows memory analysis
«
6 April 2006 |
22:09 |
Forensics, Live Response |
No Comments | 2,582 Views
»
Andreas Schuster recently published on his blog two interesting articles about process memory reconstruction. He describes how to
Andreas Schuster recently published on his blog two interesting articles about process memory reconstruction. He describes how to
