Process Dumper creates a dump of a running process in a forensic manner.
Features
* dumps the whole process space (all data and code mappings)
* uses meta information to describe the different mappings (needed for advanced analysis)
* also saves the process environment and state
* outputs to stdout, so it's possible to combine it with other tools (netcat etc.)
* doesn't touch the hard disk at all
Website
trapkit.de/research/forensic/pd