Dailydave mailing list archives

Re: Memory, Elephantine

From: Julien TINNES <julien.tinnes () francetelecom com>
Date: Sat, 04 Mar 2006 23:23:59 +0100

Nick Petroni wrote:

While on the topic of memory forensics, the Python enthusiasts in
the crowd may be interested in a new extensible research framework for
analyzing volatile memory images that we will be releasing at an upcoming
(yet to be determined) venue.


While we're at it, here's some advertisement for a small utility I wrote
a while ago.

It parses the Intel system descriptor tables (IDT, LDT, GDT..) and
prints the descriptors information.
It'll dump the descriptor from /dev/kmem by default.

http://cr0.org/progs/dtdumper/

-- 
Julien

Current thread:

Memory, Elephantine Dave Aitel (Mar 03)
- Re: Memory, Elephantine Nick Petroni (Mar 03)
  - Re: Memory, Elephantine Dave Aitel (Mar 04)
    - Re: Memory, Elephantine Nick Petroni (Mar 04)
  - Re: Memory, Elephantine jnf (Mar 04)
    - Re: Memory, Elephantine AAron Walters (Mar 06)
  - Re: Memory, Elephantine Julien TINNES (Mar 04)
    - Re: Memory, Elephantine Matt Conover (Mar 06)