General

Top Ten Reasons to Perform Live Memory Forensics Collection
WindowsSCOPE

2. Some systems cannot be shut down, so live analysis is the only option. Live data can be captured and analyzed offline. 3. It is highly useful to collect information about the kernel, processes, registry and file accesses, as well as network communications and their associations. Suspicious processes and their activity can be tracked. WindowsSCOPE…

WindowsSCOPE Blog Introduced
WindowsSCOPE

WindowsSCOPE is a tool to learn and analyze the internals of the Windows operating system and everything it runs. Use it to learn to master operating systems, the Windows kernel, virtual memory management, x86 memory management, device drivers and applications. Use it to access the kernel, disassemble and graph any code in the kernel or…
