Friday 13 May 2011

Physical Memory Acquisition With MDD

MDD is a physical memory acquisition tool for imaging Windows based computers created by the innovative minds at ManTech International Corporation. MDD is capable of acquiring memory images from Win2000, XP, Vista and Windows Server.

This tool can be pretty useful to analyze the data present in RAM. Whenever we are running programs, RAM stores various range of information being used by the program. For example, if we are running a web browser, the RAM may contain the URLs being visited, form data, etc. So you can just guess we can extract a lot of information from RAM. Thus, MDD can be very useful tool to dump the physical memory into the file from which we can extract the required information.

You can read more and download the tool from MDD SourceForge Page.