Windows Memory Reader
March 18, 2013
ATC-NY's new computer forensic tool, Windows Memory Reader, is a simple command-line utility to capture the contents of physical RAM on a suspect computer, letting an investigator gather volatile state information prior to shutting the machine down. Results are stored in a Windows crash dump or raw binary file for later off-line analysis by the investigator. Researchers can also use Windows Memory Reader to capture memory-mapped device data, such as shared video memory.
For more information, click here
Request information about this product
Other Recent Products
Who needs a million points and the high expense of scanners? Collect only the points you...
The new PW6 In-Car Video System from PatrolWitness is compact, rugged, and reliable; and...
CLEAR is a powerful research tool that helps law enforcement investigators close cases...