Tuesday, August 2, 2022
Digital Forensics: The Memory Process File System (MemProcFS)
The Memory Process File System (MemProcFS) is an easy and convenient way of viewing physical memory as files in a virtual file system.
Download or clone the Memory Process File System GitHub repository. Pre-built binaries are found in the files folder.
Download and install the latest version of Dokany from https://github.com/dokan-dev/dokany/releases/latest. The DokanSetup_redist version is recommended.
Mounting the file system requires the Dokany file system library to be installed.
0220718>MemProcFS.exe -device "H:\18 Computer Forensics\CTF\incident-response-challenge.com\Easy - Is that you\Easy - Volatility Find Evil - Is that you\Challenge\memdump.mem" -forensic 1
Python support requires Python 3.6 or later. The user may specify the path to the Python installation with the command line parameter -pythonhome. Alternatively, when using Python modules in the file system, download the Python 3.7 – Windows x86-64 embeddable zip file and unzip its contents into the files/python folder.
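The steps above can be wrapped in a preflight script that checks each prerequisite before mounting. This is an added example, not code from the original post or from the MemProcFS project; the parameter names, the default binary path and the Dokany DLL location are assumptions, and the image hash step is an addition for evidence handling.

```powershell
# Added example: preflight checks, then mount a memory image with MemProcFS.
# Parameter names and default paths are placeholders (assumptions).
param(
    [string]$MemProcFS = '.\MemProcFS.exe',   # pre-built binary from the files folder
    [Parameter(Mandatory)][string]$Image,     # memory dump to analyse
    [string]$PythonHome                       # optional, passed on as -pythonhome
)
$ErrorActionPreference = 'Stop'

# 1. The binary and the memory image must both exist.
foreach ($p in @($MemProcFS, $Image)) {
    if (-not (Test-Path -LiteralPath $p -PathType Leaf)) { throw "Not found: $p" }
}

# 2. Mounting needs the Dokany library.
#    Assumption: the Dokany installer places dokan*.dll in System32.
$dokan = Get-ChildItem -Path "$env:SystemRoot\System32" -Filter 'dokan*.dll' `
             -ErrorAction SilentlyContinue
if (-not $dokan) {
    throw 'Dokany library not found; install DokanSetup_redist first.'
}

# 3. Record a hash of the image before analysis so later findings can be
#    tied to this exact file (added step, not part of the original post).
$hash = (Get-FileHash -LiteralPath $Image -Algorithm SHA256).Hash
Write-Host "SHA256 $hash  $Image"

# 4. Build the argument list used in the post: -device <image> -forensic 1.
$mpArgs = @('-device', $Image, '-forensic', '1')

# 5. If a Python installation is given, confirm it is 3.6 or later.
if ($PythonHome) {
    $py = Join-Path $PythonHome 'python.exe'
    if (-not (Test-Path -LiteralPath $py -PathType Leaf)) {
        throw "python.exe not found in $PythonHome"
    }
    $ver = [version](& $py -c "import sys; print('%d.%d' % sys.version_info[:2])")
    if ($ver -lt [version]'3.6') { throw "Python $ver is older than 3.6" }
    $mpArgs += @('-pythonhome', $PythonHome)
}

# 6. Launch. Splatting the array keeps paths containing spaces intact.
& $MemProcFS @mpArgs
```

Passing the arguments as an array matters for image paths like the one in the command above, which contains several spaces.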