CodeGuru Home VC++ / MFC / C++ .NET / C# Visual Basic VB Forums Developer.com
Results 1 to 5 of 5
  1. June 23rd, 2014, 05:25 PM #1
    dangutdavid
    dangutdavid is offline Junior Member
    Join Date
    Jun 2014
    Posts
    2

    memory capturing

    Build an automated forensics tool. This could be to grab volatile evidence from a MAC or a Windows machine. It could also be to collect GPS evidence from mobile devices or Sat Navs. This would require some programming skill. This can be written in any language - Java, C, C#, C++, Phython, etc


    please friends any idea
    Reply With Quote Reply With Quote
  2. June 24th, 2014, 05:27 AM #2
    VictorN's Avatar
    VictorN
    VictorN is offline Super Moderator Power Poster
    Join Date
    Jan 2003
    Location
    Hanover Germany
    Posts
    20,396

    Re: memory capturing

    Is it a job offer?
    Victor Nijegorodov
    Reply With Quote Reply With Quote
  3. June 24th, 2014, 08:18 AM #3
    OReubens
    OReubens is offline Elite Member Power Poster
    Join Date
    Apr 2000
    Location
    Belgium (Europe)
    Posts
    4,626

    Re: memory capturing

    Actually if it really is for after-the-fact forensics, then it CAN NOT be java, C# or python or any other language that requires a separate framework to be present.

    The framework could not be present causing the forensics tool to not run, and the mere act of installing a framework could destroy whatever evidence you're trying to obtain.

    If it is what you claim, then it needs to be a stand alone application that can be run from diskette or memorystick. Don't rely on network/internet, it may not be installed/configured the way you need it to be, and doing so might destroy whatever you're trying to detect.
    Reply With Quote Reply With Quote
  4. June 24th, 2014, 09:15 AM #4
    dangutdavid
    dangutdavid is offline Junior Member
    Join Date
    Jun 2014
    Posts
    2

    Re: memory capturing

    Quote Originally Posted by OReubens View Post
    Actually if it really is for after-the-fact forensics, then it CAN NOT be java, C# or python or any other language that requires a separate framework to be present.

    The framework could not be present causing the forensics tool to not run, and the mere act of installing a framework could destroy whatever evidence you're trying to obtain.

    If it is what you claim, then it needs to be a stand alone application that can be run from diskette or memorystick. Don't rely on network/internet, it may not be installed/configured the way you need it to be, and doing so might destroy whatever you're trying to detect.
    thanks
    Reply With Quote Reply With Quote
  5. June 24th, 2014, 12:31 PM #5
    razzle
    razzle is offline Member +
    Join Date
    Jul 2013
    Posts
    576

    Re: memory capturing

    Quote Originally Posted by OReubens View Post
    Actually if it really is for after-the-fact forensics, then it CAN NOT be java, C# or python or any other language that requires a separate framework to be present.
    Well, a tool like this most likely would have a probe part and a control & analysis part. The probe would be integrated into the target computer as non-intrusively as possible and it would most likely be written in assembly or C or both. The probe would then communicate via hardware wire with a separate computer running the control & analysis part of the tool. Since this computer would be isolated from the target there would be no special restrictions on what programming languages to use there.
    Reply With Quote Reply With Quote
« Previous Thread | Next Thread »

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules




Click Here to Expand Forum to Full Width

Featured