By efi on Nov 20, 2007
Proper data-gathering methodologies are a vital part of conducting a forensic analysis. This article gives a quick overview of some non-intrusive, advanced data-gathering techniques that involve running-kernel dissection without tainting evidence.
In this article I will briefly describe a forensic data-gathering technique that uses an underused data source, namely "The Operating Environment Kernel".
This is the first part of a series of articles which (I hope to find the time) will be published on a regular basis.