"Sup" (...been a long while)
PTFinderFE is obsolete do to the new innovations in Volatility.
(Updated 10/20/13)My New Volatility Batch File Maker does all that PTFinderFE did and MORE!!!
*****Known Issue with processing x64 memory and creating Memdump.bat, Procmemdump and Vaddump.bat files -Fix by 10-21-2013
The New Volatility Batch File Maker is a little kludgy but usable.
The Win8 (very beta V6) Enscript does find eprocess block artifacts but doesn't currently include the offset to the PDB or the Offset.( I know- the offset to the offset)
Other Tools
Graphviz 2.34 MSI
Volatility 2.2 Standalone .exe
Volatility Test Samples
1 comment:
Cognitech develops Advanced Image Processing Software. Get the latest Image Processing Software from the most trusted company.
Post a Comment