SANS recently published a good summary of Windows memory forensics acquisition and analysis tools. It’s a good compilation of must have tools for the right occasion.
[update] new url [/update]
Private homepage of Alexander Geschonneck (Berlin, Germany).
SANS recently published a good summary of Windows memory forensics acquisition and analysis tools. It’s a good compilation of must have tools for the right occasion.
[update] new url [/update]
Comments are closed.
I want to get SANS tool.
great post, i’m glad that there are tools specifically for windows.
Too bad the site is unfortunately no longer available.
the SANS forensics blog just moved to http://computer-forensics.sans.org/blog/2008/12/13/windows-physical-memory-finding-the-right-tool-for-the-job