Sysinternals SPS Suite
The Sysinternals program suite, now
Windows Sysinternals, is the Mark Russinovich system utilities collection
dedicated to IT professionals and software developers.
1344 free programs available... and growing!
Every single program shown here is available for free
directly from SyMenu so
download SyMenu and get them all!
Click on a program to get its details
WinPmem
Version: 3.3 RC3
Release: 2019-08-20
Category: Security - Forensic Tools
Size: 2489Kb
Dependency:
Not stealth:
Publisher: Velocidex
Description:
This is a physical memory imager which implements the following features:
- This code builds on 64 bit windows as well as 32 bit windows.
- A read device interface is used instead of writing the image from the kernel
like some other imagers. This allows us to have complex userspace imager
(e.g. copy across network, hash etc), as well as run analysis on the live
system (e.g. rekall can be run directly on the device).
- The userspace component can write crash dumps of 32 and 64 bit systems.
- The image can be written to stdout (using an output filename of "-"). This can then be piped using the usual ways (netcat, ssh etc).
Note:
License:
Apache License v2