Windows 7 dump file forensic analysis

General (Technical, Procedural, Software, Hardware etc.)

Last Post by MShafiq01 14 years ago

3 Posts

2 Users

0 Reactions

912 Views

RSS

MShafiq01

(@mshafiq01)

New Member

Joined: 14 years ago

Posts: 4

Topic starter 20/01/2012 11:59 pm

how to analyse windows 7 crash dump file.
how to grab sensitive information from windows 7 crash dump file.

Quote

YogeshKhatri

(@yogeshkhatri)

Eminent Member

Joined: 15 years ago

Posts: 26

23/01/2012 12:45 pm

Use windbg or Kernel Memory Space Analyzer (KMSA).

Here is a helpful presentation on forensics on crash dump file
https://sites.google.com/site/tietjenk/ForensicCrashDumpAnalysis.pdf

ReplyQuote

MShafiq01

(@mshafiq01)

New Member

Joined: 14 years ago

Posts: 4

Topic starter 23/01/2012 3:07 pm

Thanks for reply.
Actually i want to do research on windows 7 dump file, so i was wondering if any work on windows 7 dump file has allready been done, if not so then i can go for it. as far as i have searched only upto windows xp crash dump file has been analysed but nothing about windows 7.
i would appreciate if you can advise me on my research topic.

Regards
M Shafiq

ReplyQuote

Android Forensics

I have conducted a logical and partial extraction of a ...

By SgtAndroid , 23 hours ago
Article: The Balance Between Digital Forensic Examiners And Digital Evidence Technicians: Expertise Vs. Efficiency

Can digital forensic labs cut backlogs without cutting ...

By Zoe , 2 days ago
Prefetch Question

Hello All, I have a question regarding Windows prefet...

By Forensic_Tester , 2 days ago

8 Forums
15.7 K Topics
92.3 K Posts
190 Online
41.1 K Members

Forum Icons: Forum contains no unread posts Forum contains unread posts

Topic Icons: Not Replied Replied Active Hot Sticky Unapproved Solved Private Closed