10.16. 取证¶

10.16.1. 内存取证¶

SfAntiBotPro
volatility
Rekall Memory Forensic Framework
LiME LiME (formerly DMD) is a Loadable Kernel Module (LKM), which allows the acquisition of volatile memory from Linux and Linux-based devices, such as those powered by Android.
AVML Acquire Volatile Memory for Linux

Read the Docs v: latest

Versions: latest

Downloads: pdf; html; epub

On Read the Docs: Project Home; Builds

Free document hosting provided by Read the Docs.