ForensicsWiki will continue to operate as it has before and will not be shutting down. Thank you for your continued support of ForensicsWiki.

Difference between pages "Vendors" and "Memory analysis"

From ForensicsWiki
(Difference between pages)
Jump to: navigation, search
(Hardware Vendors)
 
(Add "Lest We Remember: Cold Boot Attacks on Encryption Keys" paper.)
 
Line 1: Line 1:
= Software Vendors =
+
'''Memory Analysis''' is the science of using a [[Tools:Memory Imaging|memory image]] to determine information about running programs, the [[operating system]], and the overall state of a computer. Because the analysis is highly dependent on the operating system, we have broken it into subpages:
  
; [[AccessData]] - [[Forensic Toolkit]] ([[FTK]])
+
* [[Windows Memory Analysis]]
: http://www.accessdata.com/products/
+
* [[Linux Memory Analysis]]
 +
* [[FreeBSD Memory Analysis]]
  
; [[ASR Data]] - [[SMART]]
+
== See Also ==
: http://www.asrdata.com/SMART/
+
  
; [[BlackBag Technologies]]
+
* [[Tools:Memory Imaging]]
: http://www.blackbagtech.com/software.html
+
  
; [[Computer Forensic Analysis]]
+
== Weblinks ==
: http://www.porcupine.org/forensics/
+
  
; [[Computer Cop Forensic Examiner]]
+
* [http://www.blackhat.com/presentations/bh-federal-06/BH-Fed-06-Burdach/bh-fed-06-burdach-up.pdf Mariusz Burdach: Finding Digital Evidence In Physical Memory] (PDF)
: http://www.computercop.com/examiner.html
+
* [https://www.usenix.org/events/usenix05/tech/freenix/full_papers/movall/movall.pdf Paul Movall, Ward Nelson, Shaun Wetzstein: Linux Physical Memory Analysis] (PDF)
 
+
* [http://citp.princeton.edu/memory/ Lest We Remember: Cold Boot Attacks on Encryption Keys] ([http://citp.princeton.edu.nyud.net/pub/coldboot.pdf PDF])
; [[CPR Tools]]
+
: http://www.cprtools.net
+
: Data Recovery, Data Security and Development Tools
+
 
+
; [[Forensic and Security Services, Inc.]] - [[Rainbow Tables]]
+
: http://www.For-Sec.com
+
; Hub/MO/VO VAR for
+
 
+
: AccessData
+
: Paraben
+
: Wetstone
+
: DiskJockey forensic
+
: Objectif Securite - Rainbow Tables for - LM and NT hashes and MS Office documents
+
 
+
; [[Guidance Software]] - [[EnCase]]
+
: http://www.guidancesoftware.com/products/index.asp
+
 
+
; [[MaresWare Software]]
+
: http://www.maresware.com/maresware/software.htm
+
 
+
; [[NTI - Forensics International]] Division of Armor Forensics
+
: http://www.forensics-intl.com/tools.html
+
 
+
; [[Nuix Pty Ltd]] - [[FBI]]
+
: http://www.nuix.com.au
+
 
+
; [[Paraben Forensics]]
+
: http://www.paraben-forensics.com/
+
 
+
; [[PyFlag]]
+
: http://pyflag.sourceforge.net/
+
 
+
; Steganography Analysis and Research Center / Backbone Security
+
: General Product Information http://www.sarc-wv.com/products.aspx
+
: Backbone Security http://www.backbonesecurity.com
+
: Steganography Application Fingerprint Database (SAFDB) http://www.sarc-wv.com/safdb.aspx
+
: Steganography Analyzer Artifact Scanner (StegAlyzerAS) http://www.sarc-wv.com/stegalyzeras.aspx
+
: Steganography Analyzer Signature Scanner (StegAlyzerSS) http://www.sarc-wv.com/stegalyzerss.aspx
+
 
+
; [[Tech Assist, Inc.]]
+
: http://www.toolsthatwork.com/
+
 
+
; [[Technology Pathways]] - [[Pro Discover]]
+
: http://www.techpathways.com/
+
 
+
; [[Wetstone Technologies]]
+
:http://www.wetstonetech.com/page/page/3004314.htm
+
 
+
; [[X-Ways Software]]
+
: http://www.x-ways.net/
+
 
+
= Hardware Vendors =
+
; [[BlackBag Technologies]]
+
: http://www.blackbagtech.com/hardware.html
+
: [[Write Blockers]]
+
 
+
; [[CPR Tools]]
+
: [[Media Research and Data Recovery]]
+
: http://www.cprtools.net
+
: [[Adapters]], [[Imaging Hardware]], [[Field Kits]], [[Data Recovery tools]]
+
 
+
; [[Digital Intelligence]]
+
: http://www.digitalintelligence.com/forensichardware.php
+
: [[Write Blockers]], [[forensic field kit]]s, etc.
+
 
+
; [[Forensic and Security Services, Inc.]] - [[Field kits, write blockers]]
+
: http://www.For-Sec.com
+
; Hub/MO/VO VAR for
+
 
+
: AccessData
+
: Paraben
+
: Wetstone
+
: DiskJockey forensic
+
 
+
; [[Forensic-Computers]]
+
: http://www.forensic-computers.com/
+
: Various systems, [[Write Blockers]], [[forensic field kit]]s, etc.
+
 
+
; [[ForensicPC]]
+
: http://www.forensicpc.com/
+
: Various [[Write Blockers]], [[forensic field kit]]s, forensics software, etc.
+
 
+
; [[MyKey Tech]]
+
: http://www.mykeytech.com/
+
: [[Write Blockers]]
+
 
+
; [[Paraben Forensics]]
+
: http://www.paraben-forensics.com/catalog/index.php?cPath=26
+
: [[Write Blockers]], [[forensic field kit]]s, etc.
+
 
+
; [[Technology Pathways]]
+
: http://www.techpathways.com/
+
: [[Write Blockers]]
+
 
+
; [[Wiebetech]]
+
: http://wiebetech.com/
+
: Various [[Write Blockers]], [[forensic field kit]]s, etc.
+
 
+
= Training =
+
 
+
== Open for everyone ==
+
 
+
* [http://www.cprtools.net/training.php CPR Tools Training (Basic and Advanced Data Recovery)]
+
* [http://www.accessdata.com/training/ AccessData Training]
+
* [http://www.forensics-intl.com/training.html Armor Forensics (NTI - Forensics International)]
+
* [http://www.asrdata.com/training/ ASR Data Training]
+
* [http://www.blackbagtech.com/training.html BlackBag Tech Training]
+
* [http://www.cce-bootcamp.com/ Certified Computer Examiner BootCamp]
+
* [http://www.for-sec.com/p38.htm For-Sec Vendor classes, Cellphone/PDA seizure, and CFR 26 rules classes]
+
* [http://www.cftco.com/ Computer Forensics Training Center On-Line]
+
* [http://www.e-fense.com/training.html e-fense Inc]
+
* [http://www.nuix.com.au/screencasts.html FBI Screencast Training]
+
* [http://www.guidancesoftware.com/training/index.asp Guidance Software (EnCase) Training]
+
* [http://www.infosecinstitute.com/courses/security_training_courses.html InfoSec Institute]
+
* [http://www.crazytrain.com/training.html Linux Data Forensics Training]
+
* [http://www.maresware.com/maresware/training/maresware.htm Maresware Training]
+
* [http://www.paraben-training.com/ Paraben Forensics Training]
+
* [http://www.sarc-wv.com/training.aspx Steganography Analysis and Research Center / Backbone Security]
+
* [http://www.techpathways.com/DesktopDefault.aspx?tabindex=5&tabid=9 Technology Pathways Pro Discover Training]
+
* [http://www.vigilar.com/training.html Vigilar]
+
* [http://www.wetstonetech.com/page/page/3004314.htm Wetstone Technologies]
+
 
+
== Law enforcement only ==
+
 
+
* [http://www.fletc.gov/cfi/fy06tibsched.htm Federal Law Enforcement Training Center]
+
* [http://www.cops.org/ IACIS Computer Training/Certification]
+
* [http://nw3c.org/ocr/courses_desc.cfm National White Collar Crime Center]
+
* [http://www.search.org/programs/hightech/courses.asp Search.Org]
+

Revision as of 16:25, 3 March 2008

Memory Analysis is the science of using a memory image to determine information about running programs, the operating system, and the overall state of a computer. Because the analysis is highly dependent on the operating system, we have broken it into subpages:

See Also

Weblinks