Sunday, August 2, 2009

mdd for windows memory dumps

I have used 'dd.exe' from the Forensic Acquistion Utilities toolkit for Windows memory dumps in the past. The website now appears to be down, so I tried out mdd, an open source project. Worked a treat.

No comments: