tag:blogger.com,1999:blog-6297075682598647525.post8408998666802801538..comments2024-01-18T02:01:08.705-08:00Comments on ForensicZone: XPSP3 - How this is going to affect RAM Analysis?ForensicZonehttp://www.blogger.com/profile/07501220425644973307noreply@blogger.comBlogger2125tag:blogger.com,1999:blog-6297075682598647525.post-25253018473643305722008-02-03T19:00:00.000-08:002008-02-03T19:00:00.000-08:00KeydetOSID.pl is a great tool for determining the...Keydet<BR/>OSID.pl is a great tool for determining the OS of a RAM Capture and is also used in PTFinderFE. I do need to update PTFinderFE which is built on Andres Schuster’s PTFinder. Is there any similar tools to this in you new Perl Script book?” Perl Scripting for IT Security<BR/>RickForensicZonehttps://www.blogger.com/profile/07501220425644973307noreply@blogger.comtag:blogger.com,1999:blog-6297075682598647525.post-66316784772666888132008-02-03T06:09:00.000-08:002008-02-03T06:09:00.000-08:00You could use osid.pl from the Windows Forensic An...You could use osid.pl from the Windows Forensic Analysis DVD (or from Sourceforge) to get the OS of the RAM dump.H. Carveyhttps://www.blogger.com/profile/08966595734678290320noreply@blogger.com