Tag Archives: forensics
Forensics – Collecting Volatile Data

Under the principle of “order of volatility”, you must first collect the information classified as volatile data (the list…

Artificial intelligence packet inspection engine

AIEngine is a next-generation interactive/programmable Python/Ruby/Java packet inspection engine that can learn without any human intervention, with NIDS (Network Intrusion…

Debug user-mode processes using a kernel debugger

When a user-mode process deploys various userland anti-debugging tricks, you can use kernel debugging to attach to the process and…

Faster Windows Kernel debugging with Virtual Machines

VirtualKD is a tool that improves your kernel debugging performance with VMware and VirtualBox. It seamlessly integrates with WinDbg and…

NotMyFault – crash your system

NotMyFault is an open-source tool to crash your system in several different ways and generate a kernel memory dump for…

Enable Memory Kernel Dump

Open the Windows Control Panel, open System and Security, open System, click Advanced system settings on the left, press the Settings button…

Dump running Win32 process memory image

User Mode Process Dumper ver. 8.1 (userdump) dumps the memory image of any running Win32 process (including system processes such as csrss.exe,…

Computer Forensic Imaging Software

Forensic Imager is a Windows based program that will acquire, convert, or verify a forensic image in one of the…

FileAlyzer – Analyze files – Read PE information

FileAlyzer is a tool to analyze files – the name itself was initially just a typo of FileAnalyzer, but after…

Read Portable Executable (PE) information

PEview provides a quick and easy way to view the structure and content of 32-bit Portable Executable (PE) and Component…
