Forensics

You can dump Linux or Unix server memory. This is useful for forensics analysis, and testing your own system. This is often desirable to see:

  • What code and what data actually resides in memory.
  • You can search for specific pids memory.
  • Search memory for string and other data such as passwords.
  • Works as add-on tool for gdb and others.
  • Search/replace/dump memory from running processes and core files.
  • All kinds of deep hacking activities that simply saves your time and solve problems.

{ 5 comments }