WINHEX at www.winhex.net is a great tool for viewing live memory etc. Philip Bartholomew Network administrator: CmsWebView plc U.K (+44) 207 7020202 mailto:Philip.Bartholomewat_private "Roses are red, violets are blue if only all things where so simple and true" -----Original Message----- From: H C [mailto:keydet89at_private] Sent: 12 November 2002 11:15 To: forensicsat_private Cc: knutat_private; JHowieat_private; for3nsicsat_private Subject: Re: Dumping RAM contents on Win NT / 2000 > We, Security Toolkit, have a custom application that > does 2) from the command line - There's already a freeware "custom application that does 2)" available...pmdump, which can be found at http://www.ntsecurity.nu. I've used it in conjunction w/ strings.exe to pull some interesting data from processes... HTH __________________________________________________ Do you Yahoo!? U2 on LAUNCH - Exclusive greatest hits videos http://launch.yahoo.com/u2 ----------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com ________________________________________________________________________ This email has been scanned for all viruses by the MessageLabs SkyScan service. For more information on a proactive anti-virus service working around the clock, around the globe, visit http://www.messagelabs.com ________________________________________________________________________ ----------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Tue Nov 12 2002 - 06:16:09 PST