Malware analysis and digital forensic analysis are processes that often needs the analyst to look into system memory.In this regard, a good analyst must have at least a base knowledge of Windows Memory Management.
Tag: memory forensics
Spoiler: shame on DumpIT!
In a comment on my article Volatility, my own cheatsheet (Part 3): Process Memory, Fabrizio asked me: […] da un dump di memoria su un sistema win7, ho rilevato che era in esecuzione notepad, è possibile visualizzarne il contenuto? ([…] from a memory dump on a win7 system, I found out that notepad was running, […]