Difference between pages "Tools:Memory Analysis" and "Firefox"
From Forensics Wiki
(Difference between pages)
|
|
| Line 1: |
Line 1: |
| − | The following tools can be used to conduct memory analysis.
| + | #REDIRECT [[Mozilla Firefox]] |
| − | | + | |
| − | == Memory Analysis Frameworks ==
| + | |
| − | * [[Volatility Framework]] - A complete framework for analyzing Windows, Linux and Mac OSX memory images.
| + | |
| − | * [http://www.windowsscope.com WindowsSCOPE Pro, Ultimate] - Comprehensive toolkit for the capture and analysis of Windows physical and virtual memory targeting cyber analysis, forensics/incident response, and education. Software and hardware based acquisition with [http://www.windowsscope.com/index.php?option=com_virtuemart&Itemid=34 CaptureGUARD PCIe and ExpressCard].
| + | |
| − | * [http://www.windowsscope.com WindowsSCOPE Live] live fetch and analysis of Windows computers on a network from Android smartphones and tablets.
| + | |
| − | * [[Second Look]] from [http://www.pikewerks.com Raytheon Pikewerks Corporation] - provides Linux memory forensics, including acquisition and analysis.
| + | |
| − | | + | |
| − | == Browser Email Memory Tool ==
| + | |
| − | * [http://www.jeffbryner.com/code/pdgmail pdgmail] is a python script to extract gmail artifacts from memory images. Made for images extracted with pdd, but works with any memory image.
| + | |
| − | | + | |
| − | == Instant Messenger Memory Tool ==
| + | |
| − | * [http://belkasoft.com Belkasoft Evidence Center] is a tool by [[Belkasoft]] which allows for retrieving various Instant Messenger artifacts from an attached memory image.
| + | |
Latest revision as of 09:05, 13 December 2008
- REDIRECT Mozilla Firefox
