SANS recently published a good summary of Windows memory forensics acquisition and analysis tools. It’s a good compilation
Windows Memory Forensics Tools [update]
«
23 December 2008 |
21:32 |
Forensics, Resources, Tools |
4 Comments | 897 Views
»
Forensic memory dumping issues
«
6 June 2006 |
11:44 |
Forensics, Live Response |
No Comments | 2,145 Views
»
Arne Vidstrom from ntsecurity.nu wrote an interesting paper about problems with forensic RAM dumps from Windows XP. His summary on this topic
Arne Vidstrom from ntsecurity.nu wrote an interesting paper about problems with forensic RAM dumps from Windows XP. His summary on this topic
windows memory analysis
«
6 April 2006 |
22:09 |
Forensics, Live Response |
No Comments | 2,586 Views
»
Andreas Schuster recently published on his blog two interesting articles about process memory reconstruction. He describes how to
Andreas Schuster recently published on his blog two interesting articles about process memory reconstruction. He describes how to
