Software Screenshot:
Mandiant Memoryze is free memory forensic software that helps incident responders find evil in live memory. Memoryze can acquire and/or analyze memory images, and on live systems, can include the paging file in its analysis. Features include image the full range of system memory, image a process entire address space to disk, enumerate all running processes, identify all drivers loaded in memory including those hidden by rootkits, report device and driver layering which can be used to intercept network packets, keystrokes, and file activity, identify all loaded kernel modules by walking a linked list, and identify hooks in the System Call Table, the Interrupt Descriptor Tables (IDTs), and driver function tables (IRP tables).
Comments not found