Digital Forensic Tools from NIJ

Two new NIJ-sponsored digital forensics tools are now available to aid in investigations.

MemMarshal is a memory analysis system that assists and automates computer forensic investigations of volatile memory (RAM) images. MemMarshal enables computer forensic investigators to analyze and effectively make use of information contained in volatile memory. MemMarshal is free to law enforcement agencies. Learn more here.

Windows Memory Reader is a simple command-line utility to capture the contents of physical RAM on a suspect computer, letting an investigator gather volatile state information prior to shutting the machine down. This tool is free to all users. Learn more here.

View a list of all NIJ-sponsored tools and databases.

These tools are the result of an NIJ-funded project with Architecture Technology Corporation but are not distributed by the U.S. Department of Justice.

 
Next >






Crime Scene Revisited

Faces of the victims recovered from the scene of a genocide.

Read more...