TechJournal

Wednesday, May 11, 2011

Mac memory reader

Mac Memory Reader is a simple command-line
utility to capture the contents of physical RAM on a suspect computer,
letting an investigator gather volatile state information prior to
shutting the machine down.  Results are stored in a Mach-O binary file
for later off-line analysis by the investigator.

Mac Memory Reader is available free of charge.  It executes directly
on 32- and 64-bit target machines running Mac OS X 10.4, 10.5, or 10.6
and requires a PowerPC G4 or newer, or any Intel processor.

More about the tool
here.
Posted by Kiran Vangaveti at 11:08 AM
Email ThisBlogThis!Share to XShare to FacebookShare to Pinterest
Newer Post Older Post Home

SANS NewsBites

Loading...

Blog Archive

  • ►  2016 (1)
    • ►  May (1)
  • ►  2014 (1)
    • ►  January (1)
  • ►  2013 (7)
    • ►  October (4)
    • ►  August (3)
  • ►  2012 (84)
    • ►  October (12)
    • ►  September (3)
    • ►  August (15)
    • ►  July (5)
    • ►  June (7)
    • ►  May (7)
    • ►  April (6)
    • ►  March (5)
    • ►  February (19)
    • ►  January (5)
  • ▼  2011 (106)
    • ►  December (3)
    • ►  November (15)
    • ►  October (1)
    • ►  August (2)
    • ►  June (6)
    • ▼  May (12)
      • Tools
      • Salvaging Digital Video Fragments
      • SniffJoke
      • Lock Down Your Computer Like the NSA
      • Tool Updated: Process Hacker
      • Mac memory reader
      • Free Tools for Mac and IOS Forensics
      • Scalpel 2.0 is here with lots of new features
      • Latest Web Hacking Incident Database (WHID) Entries
      • SpyEye Targets Opera, Google Chrome Users
      • VUPEN pwns Chrome
      • FTP Keylogger
    • ►  April (16)
    • ►  March (51)
  • ►  2010 (1)
    • ►  January (1)
  • ►  2009 (12)
    • ►  September (7)
    • ►  August (1)
    • ►  July (1)
    • ►  March (3)
  • ►  2007 (1)
    • ►  March (1)
Simple theme. Powered by Blogger.