Last Updated: 2011-08-13 18:08:16 UTC
by Rick Wanner (Version: 1)
DumpIt vastly simplifies memory acquisition. Effectively, DumpIt combines win32dd and win64dd into one tool, and it is so simple to use that even a non-technical user could perform an acquisition from a USB key. The resulting dump can then be analyzed using conventional tools such as Redline or Volatility.
For a quick demonstration of DumpIt, check out the video from fellow handler Lenny Zeltser.
-- Rick Wanner - rwanner at isc dot sans dot org - http://namedeplume.blogspot.com/ - Twitter:namedeplume (Protected)