Tag: Physical Memory Analysis

2014/05/19

Physical Memory Analysis – Volatility

by Destruct_Icon
Categories: Analysis, Host Forensics

So far we have gone through two other means of memory analysis: Bulk Extractor and Foremost. We plan to go very deep into Volatility at a later date, but as this run of posts is about the basics of phys mem, I want to keep this relatively short and sweet. Volatility is a collection of[…]

2014/03/30

Physical Memory Analysis – Bulk Extractor

by Destruct_Icon
Categories: Analysis, Host Forensics

The second tool in our list for Physical Memory Analysis is Bulk Extractor. Bulk Extractor is used to list everything out of memory into text files, which will then allow you to quickly identify keywords. Let’s get started with the GUI. In order to run BE against a memory dump you will want[…]

