June 2007 Archives

Digital Forensic Forum Prague 2007

There's a new conference on the subject of digital forensics forming in Europe. The Digital Forensic Forum (DFF) will be held in Prague, Czech Republic, on November 26 and 27, 2007. The Call for Papers is still open until August 31, 2007.

DMP Magic

This brief post again provides you with a snippet to go into your magic(5). It allows file(1) to determine whether the page file contains a memory dump. We will then use this information to extract the memory dump from a pagefile.sys.

Memory Analysis Cheat Sheet

I've created a cheat sheet in order to accompany the tutorial held at the FIRST Conference 2007. On four pages it lists the most frequently used commands of Microsoft's Debugger and some other memory analysis tools along with some structures and kernel variables. Get the cheat sheet here.

Finally...

A blog post by Harlan Carvey made me aware of some official documentation of the Event Log Header and EOF structures.

Imprint

This blog is a project of:
Andreas Schuster
Im Äuelchen 45
D-53177 Bonn
impressum@forensikblog.de

Copyright © 2005-2012 by
Andreas Schuster
All rights reserved.