Have you tried the following:

Free/open source tools:
- Volatility
- Mandiant's Memoryze
- Get Mandiant's AuditViewer and use it as the front-end to Memoryze

Not so free tools:
- FTK 3.0.x
- EnCase 6.5 (but you will need to find the memory analysis scripts)
- HBGary Responder

I would suggest starting with Mandiant's products. If you have issues with the tools running against the image, can you pass on which ones did or didn't work?

Larry

On Thu, Mar 11, 2010 at 4:35 PM, Norman Rach <[email protected]> wrote:
> From what I can tell, there are plenty of tools available to dump RAM on an
> x64 Windows system. Unfortunately, I haven't found any tools that will
> actually parse the dump. Do y'all have any recommendations?
>
> Thanks!
>
> _______________________________________________
> Pauldotcom mailing list
> [email protected]
> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
> Main Web Site: http://pauldotcom.com

--
Larry McDonald
