Someone has finally taken the time to RE all the internal structures for MS-windows systems. Check out 'Responder' tool over at www.hbgary.com. Dumps a ton of information about the system state at time of physical memory snapshot. Drivers,open sockets, open files and regkeys, can even extract full...

[ more ]  [ reply ]