Difference between pages "Linux Memory Analysis" and "Windows Desktop Search"

From ForensicsWiki
(Difference between pages)
(Linux Memory Analysis Tools)
 
(Initial stub)
 
Line 1: Line 1:
The [[Digital Forensic Research Workshop]] [http://dfrws.org/2008/challenge/index.shtml 2008 Forensics Challenge] focused on the development of Linux memory analysis techniques and the fusion of evidence from memory, hard disk, and network.
+
{{Expand}}
  
==Linux Memory Analysis Tools==
+
== See Also ==
* [http://pikewerks.com/sl/ Second Look] from [http://www.pikewerks.com Pikewerks Corporation] - This tool can perform analysis of live local and remote memory sources, as well as stored snapshots of memory (physical memory images or hibernate images).  It can be used to detect rootkits and other kernel-hooking malware, as well as obtain forensic information about the state of the system.  It has reverse engineering capabilities, including built-in disassembly and hexadecimal data views, and the capability of modifying target memory.
+
* The [http://4tphi.net/fatkit/ Forensic Analysis Toolkit (FATKit)] is a cross-platform, modular, and extensible digital investigation framework for analyzing volatile system memory.
+
* The [https://www.volatilesystems.com/default/volatility Volatility Framework] is a completely open collection of tools, implemented in Python under the GNU General Public License, for the extraction of digital artifacts from volatile memory (RAM) samples.
+
* [http://hysteria.sk/~niekt0/foriana/ foriana] is tool for extraction of some information (process list, modules list, ..) from RAM image. Using logical realtions between OS structures, this detection works on multiple operating systems. Under GNU GPL.
+
  
==Linux Memory Analysis Bibliography==
+
[[Google Desktop Search]]
* [https://www.usenix.org/events/usenix05/tech/freenix/full_papers/movall/movall.pdf Linux Physical Memory Analysis], Paul Movall, Ward Nelson, Shaun Wetzstein, Usenix 2005
+
 
* [http://cisr.nps.edu/downloads/theses/06thesis_urrea.pdf An Analysis Of Linux RAM Forensics], J.M. Urrea, Masters Thesis, Naval Postgraduate School, March 2006
+
== External Links ==
 +
 
 +
* [http://www.microsoft.com/windows/desktopsearch/ Official website]
 +
* [http://en.wikipedia.org/wiki/Windows_Desktop_Search Wikipedia entry on Windows Desktop Search]
 +
* [http://en.wikipedia.org/wiki/List_of_search_engines#Desktop_search_engines Wikipedia list of Desktop search engines]

Revision as of 09:07, 4 April 2007

Please help to improve this article by expanding it.
Further information might be found on the discussion page.

See Also

Google Desktop Search

External Links