Arne Vidstrom from ntsecurity.nu wrote an interesting paper about problems with forensic RAM dumps from Windows XP. His summary on this topic
Forensic memory dumping issues
«
6 June 2006 |
11:44 |
Forensics, Live Response |
No Comments | 2,055 Views
»
windows memory analysis
«
6 April 2006 |
22:09 |
Forensics, Live Response |
No Comments | 2,511 Views
»
Andreas Schuster recently published on his blog two interesting articles about process memory reconstruction.
He describes how to
Andreas Schuster recently published on his blog two interesting articles about process memory reconstruction.
He describes how to
