A powerful digital forensics tool that will help you to analyze windows physical RAM dumps.
This tool can do the following things after loading your RAM physical dump:
- Get list of all processes that were running at the moment when the dump was taken
- Get information about each process virtual memory space paging
To use this tool you will need to install GLFW library.
This is an example of how to list things you need to use the software and how to install them.
- zsh
brew install glfw
Build the project using CMake and have fun.