Difference between revisions of "Tools:Memory Analysis"

From ForensicsWiki
Jump to: navigation, search
(New page: The following tools can be used to conduct memory analysis == Memory Analysis Framework == * Volatility - A complete framework for analyzing Windows XP Service Pack 2 memory images. ...)
 
m
Line 1: Line 1:
 
The following tools can be used to conduct memory analysis
 
The following tools can be used to conduct memory analysis
  
== Memory Analysis Framework ==
+
== Memory Analysis Frameworks ==
* [[Volatility]] - A complete framework for analyzing Windows XP Service Pack 2 memory images.
+
* [[Volatility Framework]] - A complete framework for analyzing Windows XP Service Pack 2 memory images.
  
 
== Browser Email Memory Tool ==
 
== Browser Email Memory Tool ==
 
* [http://www.jeffbryner.com/code/pdgmail pdgmail] is a python script to extract gmail artifacts from memory images. Made for images extracted with pdd, but works with any memory image.
 
* [http://www.jeffbryner.com/code/pdgmail pdgmail] is a python script to extract gmail artifacts from memory images. Made for images extracted with pdd, but works with any memory image.

Revision as of 13:51, 15 January 2009

The following tools can be used to conduct memory analysis

Memory Analysis Frameworks

  • Volatility Framework - A complete framework for analyzing Windows XP Service Pack 2 memory images.

Browser Email Memory Tool

  • pdgmail is a python script to extract gmail artifacts from memory images. Made for images extracted with pdd, but works with any memory image.