Memory analysis

KnTTools and KnTList released

GMG Systems, Inc. now offers KnTTools and KnTList to a limited group of prospective buyers.

KnTTools contains KnTDD, an advanced version of George Garner's Windows port of dd. KnTDD acquires the physical memory of a system running certain versions of Microsoft Windows. The tool also obtains copies of some system files that are needed for later analysis by KnTList.

There's also a version of KnTTools for the enterprise, which features certificate authentication, remote deployment and data submission through SSL and WebDAV.

KnTList is one of the well-known winners of the DFRWS 2005 Memory Analysis Challenge. This program reconstructs internal data structures of the Windows kernel and provides the examiner with a host of information about processes, threads and a multitude of other kernel objects.

More information is available from GMG Systems, Inc.

Imprint

This blog is a project of
Andreas Schuster
Im Äuelchen 45
D-53177 Bonn
Germany
impressum@forensikblog.de

Copyright © 2005-2010 by
Andreas Schuster
All rights reserved.