Collecting Sensitive Information From Windows Physical Memory
Source: Academy Publisher
When investigators are faced with a target system, they want to find sensitive information such as userID and password. Unfortunately, sensitive information can not be found on the hard drive in most cases. Consequently, sensitive information needs to be gathered from physical memory. In their research, the authors have found lots of sensitive information from physical memory by different techniques. Besides userID and password, they also have found QQ-chat logs that never have been referred in other papers.