I am currently doing security work in the area of after the event forensics to give it it's full title.
I am using @stake task to run analysis against the unallocated space on the suspect disk but am lacking a utility to analysis the nt pagefile. I am looking for a utility (preferable freeware) that will allow me to analyze a windows pagefile. I have tools that allow me to boot the machine and remove the idle pagefile, but how can I go through the contents. NTI Getfree software claims to do it but at a high cost. I don't believe I can access a pagefile on a live machine but please correct me if I am wrong, I am using a linux bootable CD with tools to mount the drive and ftp the pagefile to another machine or disk. Trevor Cushen
