Encryption Keys:
← Older revision
Revision as of 11:08, 27 July 2012
(5 intermediate revisions by one user not shown)
Line 1:
Line 1:
−
'''Memory Analysis''' is the science of using a [[
Tools:
Memory Imaging|memory image]] to determine information about running programs, the [[operating system]], and the overall state of a computer. Because the analysis is highly dependent on the operating system,
we have broken
it into
subpages
:
+
'''Memory Analysis''' is the science of using a [[Memory Imaging|memory image]] to determine information about running programs, the [[operating system]], and the overall state of a computer. Because the analysis is highly dependent on the operating system, it
has been divded
into
the following pages
:
* [[Windows Memory Analysis]]
* [[Windows Memory Analysis]]
Line 11:
Line 11:
Various types of encryption keys can be extracted during memory analysis.
Various types of encryption keys can be extracted during memory analysis.
−
You can use
[[AESKeyFinder]]
to extract
128-bit and 256-bit [[AES]] keys and [[RSAKeyFinder]]
to extract all
private and public [[RSA]] keys from a memory dump [http://citp.princeton.edu/memory/code/]. [http://jessekornblum.com/tools/volatility/cryptoscan.py cryptoscan.py]
(
[[List of Volatility Plugins|plugin for the Volatility
memory analysis
framework]]
)
scans a memory image for [[TrueCrypt]] passphrases
.
+
*
[[AESKeyFinder]]
extracts
128-bit and 256-bit [[AES]] keys and [[RSAKeyFinder]]
and
private and public [[RSA]] keys from a memory dump [http://citp.princeton.edu/memory/code/].
+
*
[http://jessekornblum.com/tools/volatility/cryptoscan.py cryptoscan.py]
, which is a
[[List of Volatility Plugins|plugin for the Volatility framework]]
,
scans a memory image for [[TrueCrypt]] passphrases
== See Also ==
== See Also ==
−
* [[Tools:Memory Imaging]]
+
* [[
Memory Imaging]]
−
* [[Tools:Memory Analysis]]
+
* [[:
Tools:Memory Imaging
|Memory Imaging Tools
]]
+
* [[
:
Tools:Memory Analysis
|Memory Analysis Tools
]]
[[Category:Memory Analysis]]
[[Category:Memory Analysis]]