add Process dump tools

2024-10-01 01:06:19 -04:00 · 2015-11-13 23:08:59 +02:00 · 2015-11-13 23:08:59 +02:00 · ef66a82c26
commit ef66a82c26
parent 94b0259e36
1 changed files with 5 additions and 0 deletions
--- a/README.md
+++ b/README.md
@ -6,6 +6,7 @@ A curated list of tools for incident response
 - [Disk Image Creation Tools](#disk-image-creation-tools)
 - [Memory Analysis Tools](#memory-analysis-tools)
 - [Memory Imaging Tools](#memory-imaging-tools)
 - [Process Dump Tools](#process-dump-tools)
 ## IR tools Collection
@ -27,3 +28,7 @@ A curated list of tools for incident response
 ### Memory Imaging Tools
 * [OSForensics](http://www.osforensics.com/) - OSForensics can acquire live memory on 32bit and 64bit systems. A dump of an individual process’s memory space or physical memory dump can be done
 * [Belkasoft Live RAM Capturer](http://forensic.belkasoft.com/en/ram-capturer) - A tiny free forensic tool to reliably extract the entire content of the computer’s volatile memory – even if protected by an active anti-debugging or anti-dumping system
 ### Process Dump Tools
 * [PMDump](http://ntsecurity.nu/toolbox/pmdump/) - PMDump is a tool that lets you dump the memory contents of a process to a file without stopping the process
 * [Microsoft User Mode Process Dumper](http://www.microsoft.com/en-us/download/details.aspx?id=4060) - The User Mode Process Dumper (userdump) dumps any running Win32 processes memory image on the fly