The DumpIt utility is used to generate a physical memory dump of Windows machines. It works with both x86 (32-bit) and x64 (64-bit) machines. It writes the raw memory dump to the current directory and asks for confirmation before starting. Perfect to deploy the executable on USB keys, for quick incident […]
List of Computer Forensics Tools (Part 1)
Process Explorer: The Process Explorer display consists of two sub-windows. The top window always shows a list of the currently active processes, including the names of their owning accounts. The information displayed in the bottom window depends on the mode that Process Explorer is in. If it is in handle mode, you’ll see the […]
Find Last Connected USB on your system (USB Forensics)
USBDeview is a small utility that lists all USB devices that are currently connected to your computer, as well as all USB devices that you previously used. For each USB device, extended information is displayed: device name/description, device type, serial number (for mass storage devices), the date/time that the device was added, VendorID, ProductID, and more… USBDeview […]