From 94b0259e366e15859ca60118e161b4ae50f58ebd Mon Sep 17 00:00:00 2001
From: Meir Wahnon <meir@demisto.com>
Date: Fri, 13 Nov 2015 21:15:55 +0200
Subject: [PATCH] add Memory Imaging Tools

---
 README.md | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/README.md b/README.md
index c9b8107..0d02283 100644
--- a/README.md
+++ b/README.md
@@ -5,6 +5,7 @@ A curated list of tools for incident response
 
 - [Disk Image Creation Tools](#disk-image-creation-tools)
 - [Memory Analysis Tools](#memory-analysis-tools)
+- [Memory Imaging Tools](#memory-imaging-tools)
 
 ## IR tools Collection
 
@@ -23,3 +24,6 @@ A curated list of tools for incident response
 * [Responder PRO](http://www.countertack.com/responder-pro) - Responder PRO is the industry standard physical memory and automated malware analysis solution
 * [KnTList](http://www.gmgsystemsinc.com/knttools/) - Computer memory analysis tools 
 
+### Memory Imaging Tools
+* [OSForensics](http://www.osforensics.com/) - OSForensics can acquire live memory on 32bit and 64bit systems. A dump of an individual process’s memory space or physical memory dump can be done
+* [Belkasoft Live RAM Capturer](http://forensic.belkasoft.com/en/ram-capturer) - A tiny free forensic tool to reliably extract the entire content of the computer’s volatile memory – even if protected by an active anti-debugging or anti-dumping system