Thursday, January 15, 2009

Practitioner's Guide to Capturing and Analysis of RAM

This is a late post, but I've been busy... I learned about this video from Moyix on the Volatility irc channel (#volatility on freenode). It's nice that people like vol2html. It encourages me to add more to it...

There's more info here if you are interested. I'm glad to see that memory analysis is getting more visibility. Cool stuff! Enjoy!

Dale Beauchamp - DojoSec January 2009 from Marcus Carey on Vimeo.

Anonymous said...

I found that imaging to usb is possible and better then imaging to the hard drive. I did some timing test and found that using a usb thumb drive is slow but going to a usb hard drive seemed to work much better. Also with the different capture programs speed can differ.