Performing memory analysis in incident response investigations can be tedious and challenging: there are few commercial options for processing memory samples, no all-in-one open-source tool to process them, and a shortage of the knowledge and skill needed to do so. Recognizing this, CrowdStrike Services created SuperMem, an open-source Windows memory processing script that helps investigators process memory samples consistently and quickly in their investigations. SuperMem, or "winSuperMem.py," is a Python script that parses Windows memory samples in a consistent, quick and selective way. It is backed by a triage-type methodology that makes the tool easy to use and therefore more accessible to forensic analysts. SuperMem can be found on the CrowdStrike GitHub repository.