Magnet RAM Capture is a free imaging tool designed to capture the physical memory of a suspect’s computer, allowing investigators to recover and analyze valuable artifacts that are often only found in memory.
First download magnet forensics from here and install in your pc.
Now select the folder Path where memory Dump file will be created by clicking Browse option. Click on Start.
After process completion, it will create a memory dump file.
Belkasoft Live RAM Capturer
Belkasoft Live RAM Capturer is a tiny free forensic tool to reliably extract the entire content of the computer’s volatile memory – even if protected by an active anti-debugging or anti-dumping system. Separate 32-bit and 64-bit builds are available in order to minimize the tool’s footprint as much as possible.
First download Belkasoft Live RAM Capturer from here and install in your pc
Open Belkasoft Live Ram Capture. And Select the Folder Path. And click on Capture option.
Now It will create a memory dump file.
DumpIt – RAM Capture Tool
MoonSols DumpIt is a fusion of win32dd and win64dd in one executable, no options is asked to the end-user. Only a double click on the executable is enough to generate a copy of the physical memory in the current directory.
First Download Dumpit from Here and Save in Your Desktop.
Now run Dumpit.exe file the raw memory dump will be generated and save to the same directory.
AccessData FTK Imager
FTK Imager can acquire live memory and paging file on 32bit and 64bit systems.
First Download FTK Imager from here and install in your pc. Click on button “Capture Memory” how the picture below:
On the next window choice the directory to storage the extracted files, and click on the button “Capture Memory”
Wait for the process finish.
A memory dump file will be created on the source directory.
Author: Mukul Mohan is a Microsoft Certified system engineer in security and messaging .He is a Microsoft Certified Technology Specialist with high level of expertise in handling server side operations based on windows platform. An experienced IT Technical Trainer with over 20 years’ Technical Training experience you can contact him at mukul@ignitetechnologies.in
The post 4 ways Capture Memory for Analysis (Memory Forensics) appeared first on Hacking Articles.