From Forensics Wiki
Revision as of 13:07, 24 January 2009 by Andrewtappert
The following tools can be used to conduct memory analysis.
Memory Analysis Frameworks
- Volatility Framework - A complete framework for analyzing Windows XP Service Pack 2 memory images.
- Second Look from Pikewerks Corporation - A toolset (GUI/CLI/API) for the analysis of Linux memory images, for information assurance, forensics, incident response, and reverse engineering.
Browser Email Memory Tool
- pdgmail is a python script to extract gmail artifacts from memory images. Made for images extracted with pdd, but works with any memory image.