Windows Memory Forensics Tools

« 23 December 2008 | 21:32 | Forensics, Resources, Tools | 2 Comments | 561 Views »

SANS recently published a good summary of Windows memory forensics acquisition and analysis tools. It’s a good compilation



Forensic memory dumping issues

« 6 June 2006 | 11:44 | Forensics, Live Response | No Comments | 2,139 Views »

Arne Vidstrom from ntsecurity.nu wrote an interesting paper about problems with forensic RAM dumps from Windows XP. His summary on this topic



windows memory analysis

« 6 April 2006 | 22:09 | Forensics, Live Response | No Comments | 2,582 Views »

Andreas Schuster recently published on his blog two interesting articles about process memory reconstruction. He describes how to



Security Service London