Tools:Memory Analysis

From ForensicsWiki
Revision as of 18:07, 24 January 2009 by Andrewtappert (Talk | contribs)

Jump to: navigation, search

The following tools can be used to conduct memory analysis.

Memory Analysis Frameworks

  • Volatility Framework - A complete framework for analyzing Windows XP Service Pack 2 memory images.
  • Second Look from Pikewerks Corporation - A toolset (GUI/CLI/API) for the analysis of Linux memory images, for information assurance, forensics, incident response, and reverse engineering.

Browser Email Memory Tool

  • pdgmail is a python script to extract gmail artifacts from memory images. Made for images extracted with pdd, but works with any memory image.