ATC-NY Releases Two New Free Forensics Tools

ATC-NY has just released two free, new forensics tools: Mac Memory Reader and eMule Reader. Mac Memory Reader is a simple command-line utility to capture the contents of physical RAM on a suspect Macintosh computer, letting an investigator gather volatile state information prior to shutting the machine down. Mac Memory Reader is based on the physical RAM acquisition tools in Mac Marshal Field Edition, a computer forensic tool for Mac OS X investigations…The eMule Reader utilities are a collection of command-line tools that parse and output the contents of configuration and log files from the eMule P2P file-sharing client. These tools are based on the eMule acquisition and analysis tools in P2P Marshal, a computer forensic tool for automated peer-to-peer investigations.

Mac Memory Reader and eMule Reader are now available for download, free of charge.

No registration is required.

For more information or to download these utilities, go to:

Get The Latest DFIR News

Join the Forensic Focus newsletter for the best DFIR articles in your inbox every month.

Unsubscribe any time. We respect your privacy - read our privacy policy.

For more information about P2P Marshal, Mac Marshal, and other ATC-NY forensics tools, visit:


Located in Ithaca, NY, ATC-NY conducts advanced research and development in computer security and information assurance. ATC-NY is a subsidiary of Architecture Technology Corporation (ATC), headquartered in Eden Prairie, MN. Founded in 1981, ATC specializes in software-intensive solutions for complex problems in information security, enterprise-scale network computing architectures, and network management. ATC’s customers include firms in the private sector and government agencies such as the U.S. Department of Defense, Homeland Security and Transportation.

Leave a Comment

Latest Articles