Live Cyber Forensics Analysis with Computer Volatile Memory



Forensics Analysis

The field of computer forensics analysis involves identifying, extracting, documenting, and preserving information that is stored or transmitted in an electronic or magnetic form (that is, digital evidence).



Forensics Analysis – Volatile Data:


  • The data that is held in temporary storage in the system’s memory (including random access memory, cache memory, and the onboard memory of system peripherals such as the video card or NIC) is called volatile data because the memory is dependent on electric power to hold its contents.

  • When the system is powered off or if power is disrupted, the data disappears.

How to Collect Volatile Data:


  • There are many tools for collecting volatile memory for live forensics or incident response. Here, we use the Belkasoft Live RAM Capture tool.

  • After capturing the live contents of random access memory (RAM), we will analyze them with the Belkasoft Evidence Center Ultimate tool.



    Acquisition of live Volatile Memory:


    Run the tool as an administrator and start the capture.




    Dump File Format:


    After the live RAM has been captured successfully, the file is saved with the .mem extension.
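To support the "documenting and preserving" goal stated at the top, the .mem image can be hashed as soon as it is written and checked again before analysis. This is an added example, not part of the original article or of the Belkasoft tools; the file name demo_capture.mem, the manifest layout, and the examiner and case_id values are assumptions made for illustration.

```python
import hashlib
import json
import os
import tempfile
from datetime import datetime, timezone

CHUNK = 4 * 1024 * 1024  # read in 4 MiB pieces; RAM images are often many GB


def hash_image(path):
    """Stream the dump once and return (size_in_bytes, sha256_hex)."""
    sha256, size = hashlib.sha256(), 0
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(CHUNK), b""):
            sha256.update(chunk)
            size += len(chunk)
    return size, sha256.hexdigest()


def write_manifest(path, examiner, case_id):
    """Record the acquisition hash in a JSON sidecar next to the image."""
    size, sha256 = hash_image(path)
    record = {
        "image": os.path.basename(path),
        "size_bytes": size,
        "sha256": sha256,
        "hashed_utc": datetime.now(timezone.utc).isoformat(),
        "examiner": examiner,   # hypothetical field
        "case_id": case_id,     # hypothetical field
    }
    with open(path + ".manifest.json", "w", encoding="utf-8") as fh:
        json.dump(record, fh, indent=2)
    return record


def verify_image(path):
    """Re-hash the image and compare with the manifest written at acquisition."""
    with open(path + ".manifest.json", encoding="utf-8") as fh:
        record = json.load(fh)
    size, sha256 = hash_image(path)
    return size == record["size_bytes"] and sha256 == record["sha256"]


if __name__ == "__main__":
    # Constructed stand-in for a real capture so the example runs offline.
    demo = os.path.join(tempfile.mkdtemp(), "demo_capture.mem")
    with open(demo, "wb") as fh:
        fh.write(b"\x00" * 4096 + b"constructed sample memory page")
    print(write_manifest(demo, examiner="analyst1", case_id="CASE-0000"), verify_image(demo))
```

Write the manifest to the same external drive as the image, and run the verification step on the analysis workstation before loading the dump.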


