Resources
On this page I’ve collected links to interesting resources, such as web sites and presentations, which I found handy and may be of some use to you.
I will add resources to this page as I find them, just check back regularly.
Forensic IT
Forensic Live CDs (Linux)
Tools
- win32dd / win64dd – Copy your RAM or generate Windows crash dumps
- Photorec – Carve files out of memory and crash dumps
- Volatility Framework – Various features for examining memory and crash dumps (runs on Python 2.x)