Matthieu Suiche's blog

Archive for August 23rd, 2008

Sandman shell. Your hibernation file in a nutshell. – Part I

August - 23 - 2008

Posted by Matthieu Suiche

Comments Off

I’d like to introduce a new tool I plan to release later. This tool aims at providing a local shell to explore the windows hibernation file like windbg, or livekd can do with crash dump using SandMan framework. The most interesting point regarding the usage is the loading of Microsoft Debugging Symbols to retrieve critical [ Read More ]

READ FULL POST

Twitter Updates

New commands in WinDbg 6.2.8102.0 http://t.co/Q91NXKLF # 2011/10/02

RT @joshuamsmith_: MoonSols DumpIt released free of charge. (dd for windows, great for forensics) very cool, thx to @MoonSols http://t.c ... # 2011/08/13

"Interesting Malware Trick" using MoonSols DumpIt http://t.co/ljlGpQJ # 2011/08/13

Remember 5-days private training are also available if you want to learn more. See http://bit.ly/l4RAxc for more information. #BlackHat # 2011/08/01

Second round of training about Advanced Physical Memory Acquisition and Analysis starting today ! #BlackHat #LasVegas # 2011/08/01

Happiness only real when shared.

Archive for August 23rd, 2008

Sandman shell. Your hibernation file in a nutshell. – Part I

Twitter Updates

Featured Video

Sponsors

Keep connected

Recent Posts

Categories

Archives