ForensicZone
A site for “Computer Crime” Investigators Where we can share our tips, tricks and mistakes…
Monday, May 19, 2008
›
I am presenting a two-day course on RAM Acquisition and RAM Analysis at Digital Intelligence. The course is June 10-12, 2008 and is FREE ....
Saturday, May 3, 2008
BIOS Magic Numbers in RAM (Beta)
›
A colleague of mine approached me after teaching a class on finding information in RAM. He asked me to prove a particular RAM acquisition c...
Friday, May 2, 2008
RAM Enscript Version 1.0
›
RAM ENSCRIPT UPDATED!!! Download The new RAM Enscript contains: OS Identification Processes (Exited / Running) Registry Remnants (UserAssis...
Saturday, March 15, 2008
Practical of “15 Minute Virus Analysis”
›
I want to show a practical of my “15 Minute Virus Analysis” You must download the RADA Virus if you want to “play” along. The RADA Virus...
Friday, February 29, 2008
Fifteen Minute Malaware Analysis
›
Tools: 1. VMWARE Workstation or VMWARE Server (Sever=free) 2. Windows 2000 (Small$) 3. TextScan - Free (by AnalogX) http://www.analogx.c...
Friday, February 22, 2008
“Lest We Remember: Cold Boot Attacks on Encryption Keys"
›
Seems like a team of Princeton students have put together a very well done website , research paper (pdf) and video regarding acquiring R...
1 comment:
Sunday, January 27, 2008
XPSP3 - How this is going to affect RAM Analysis?
›
Well to sum up XPSP3 (for RAM Analysis) I’d say the prognosis is great. The key offsets that I look for in the EPROCESS (Page Directory Bas...
2 comments:
‹
›
Home
View web version
