Archive for November, 2009
Physical Memory Imaging
I came across this interesting 2007 paper on Live Memory Acquisition for Windows Operating Systems by Naja Davis that shows some of the tools and techniques used by forensics analysts1 to get at the physical memory and analyze memory contents to get list of processes, threads, files, passwords and other data in memory.
Loading ...