Digital forensic examiners are investigators who are experts in gathering, recovering, analyzing, and presenting data evidence from computers and other digital media related to computer-based .They might work on cases concerning identity theft, electronic fraud,investigation of material found in digital devices ,electronic evidence, often in relation to cyber crimes.
▼
Tuesday, August 2, 2022
Digital Forensics:The Memory Process File System (MemProcFS)
Digital Forensics:The Memory Process File System (MemProcFS)
The Memory Process File System (MemProcFS) is an easy and convenient way of viewing physical memory as files in a virtual file system.
Download or clone the Memory Process File System github repository. Pre-built binaries are found in the files folder.
Please download and install the latest version of Dokany at: https://github.com/dokan-dev/dokany/releases/latest It is recommended to download and install the DokanSetup_redist version.
Mounting the file system requires the Dokany file system library to be installed.
0220718>MemProcFS.exe -device "H:\18 Computer Forensics\CTF\incident-response-challenge.com\Easy - Is that you\Easy - Volatility Find Evil - Is that you\Challenge\memdump.mem" -forensic 1
Python support requires Python 3.6 or later. The user may specify the path to the Python installation with the command line parameter -pythonhome, alternatively download Python 3.7 – Windows x86-64 embeddable zip file and unzip its contents into the files/python folder when using Python modules in the file system.
No comments:
Post a Comment