What's New at DFIR Training

June 20, 2020. Regularly updated, never outdone, check out the latest additions to keep up on your DFIR training! Website updates. DFIR Subcontractor listings, Forensic Artifacts and more.

 Enter for a chance to win a Guardonix Write Blocker!

Enter your name/email address here: I WANT TO WIN!



DFIR Tools

License Type
Forensic Utilities - Misc
The Memory Process File System:

The Memory Process File System is an easy and convenient way of accessing physical memory as files a virtual file system.

Easy trivial point and click memory analysis without the need for complicated commandline arguments! Access physical memory content and artifacts via files in a mounted virtual file system or via a feature rich .dll application library to include in your own projects!

Analyze memory dump files - or even live memory in read-write mode via linked pcileech and pcileech-fpga devices!

Use your favorite tools to analyze memory - use your favorite hex editors, your python and powershell scripts, your disassemblers - all will work trivally with the Memory Process File System by just reading and writing files!

User comments

There are no user comments for this listing.