Windows Memory Forensics Tools [update]
SANS recently published a good summary of Windows memory forensics acquisition and analysis tools. It’s a good compilation
Private homepage of Alexander Geschonneck (Berlin, Germany).
SANS recently published a good summary of Windows memory forensics acquisition and analysis tools. It’s a good compilation
Arne Vidstrom from ntsecurity.nu wrote an interesting paper about problems with forensic RAM dumps from Windows XP. His summary on this topic
Andreas Schuster recently published on his blog two interesting articles about process memory reconstruction. He describes how to