|−|== History == |+|
, [[..]] , ()
|−|During the 1990s, it became a [[best practice]] to capture a [[ Tools: Memory_Imaging| memory image]] during incident response. At the time, the only way to analyze such memory images was using [[ strings]]. Although this method could reveal interesting details about the memory image, there was no way to associate what data came from what program, let alone what user. |+|
|−|In the summer 2005 the [[Digital Forensic Research Workshop]] published a ''Memory Analysis Challenge''. They distributed two memory images and asked researchers to answer a number of questions about a security incident. The challenge produced two seminal works. The first, by [[Chris Betz]], introduced a tool called ( NAME) . The second, by [[George Garner]] and (AUTHOR) produced [[kntlist]]. |+|
Revision as of 18:26, 16 February 2012
Welcome to Forensics Wiki!
We hope you will contribute much and well.
You will probably want to read the help pages.
Again, welcome and have fun! .FUF 10:26, 16 February 2012 (PST)