Resources
On this page I've collected links to interesting resources, such as web sites and presentations, which I found handy and may be of some use to you.
I will add resources to this page as I find them, just check back regularly.
Forensic IT
Forensic Live CDs (Linux)
Tools
- win32dd / win64dd - Copy your RAM or generate Windows crash dumps
- Photorec - Carve files out of memory and crash dumps
- Volatility Framework - Various features for examining memory and crash dumps (runs on Python 2.x)