seccure.net Tools
procenum::hidden processes detection
Procenum is a small utility to enumerate all user-mode processes.
idetect::memory forensic analysis
Idetect toolkit is used to help digital investigators in extracting useful information from Linux memory image.
- Digital forensics of the physical memory
http://forensic.seccure.net/pdf/mburdach_digital_forensics_of_physical_memory.pdf