A Volatile memory become Non-Volatile - Memory Forensic
Introduction Since our schools, we have been learning that RAM (random access memory) is a volatile memory that stores data that means opening, processing and accessing multiple program allows a RAM to be used in next time for execution of the program quickly. Memory Forensic (Findings) We have taken the sample of a laptop machine with the following configurations: It has been identified that while taking the memory Dump of the RAM, there were numerous attributes and critical parameters which had been exposed and appeared and were highlighted during the assessment i.e. Email Addresses & Stored Passwords; SQL Queries; Web Based Passwords; IP Addresses, URL's, and Domains; Critical Configurations; Connection strings; The testing has been performed on a standalone machine using a RAM and a bootable live USB without having a hard drive. The dump was stored on an external Hard drive in order to make things transparent from the start. Tool Used (Dump & Analysis) DumpIT - Memory