Difference between revisions of "Memory analysis"

From ForensicsWiki
Jump to: navigation, search
m
(Some links.)
Line 4: Line 4:
 
* [[Linux Memory Analysis]]
 
* [[Linux Memory Analysis]]
 
* [[FreeBSD Memory Analysis]]
 
* [[FreeBSD Memory Analysis]]
 +
 +
== Weblinks ==
 +
 +
* [http://www.blackhat.com/presentations/bh-federal-06/BH-Fed-06-Burdach/bh-fed-06-burdach-up.pdf Mariusz Burdach: Finding Digital Evidence In Physical Memory] (PDF)
 +
* [https://www.usenix.org/events/usenix05/tech/freenix/full_papers/movall/movall.pdf Paul Movall, Ward Nelson, Shaun Wetzstein: Linux Physical Memory Analysis] (PDF)

Revision as of 07:06, 17 July 2006

Memory Analysis is the science of using a memory image to determine information about running programs, the operating system, and the overall state of a computer. Because the analysis is highly dependent on the operating system, we have broken it into subpages:

Weblinks