Memory analysis

From ForensicsWiki
Revision as of 14:57, 29 July 2008 by .FUF (Talk | contribs) (Encryption Keys)

Jump to: navigation, search

Memory Analysis is the science of using a memory image to determine information about running programs, the operating system, and the overall state of a computer. Because the analysis is highly dependent on the operating system, we have broken it into subpages:

Encryption Keys

Various types of encryption keys can be extracted during memory analysis. You can use AESKeyFinder to extract 128-bit and 256-bit AES keys and RSAKeyFinder to extract all private and public RSA keys from a memory dump [1].

See Also


[link title]