FastDump

Fastdump is the industry’s most forensically sound Windows™ memory dumping utility. Fastdump has a memory footprint that is far less than other tools such as Helix/DD. All required code is statically linked so no additional DLL’s are loaded. The final executable size is only 80K.

Product Features

 

Fastdump is very simple to use. Use a USB stick or other means to make Fastdump available to a command prompt on the target windows system. Type “fd.exe ” where filename is the dump file and Fastdump will take a snapshot of physical RAM. This file will be a binary dump of RAM. The size of the resulting file will depend on the amount of RAM present in the target machine. Fastdump is optimized to work with USB transfers so it should perform well even when dumping to a USB drive.
FDPro™ is the commerically supported version of Fastdump. FDPro™ supports all versions of Windows™ operating systems and service packs (2000, XP, 2003, Vista, 2008 Server) 32 and 64 bit, including systems with more than 4 gigs of RAM (up to 64 gigs of RAM). FDPro™ supports acquisition of the Windows™ pagefile to be included with the acquisition of RAM. FDPro™ supports a variety of memory probing features that can assist with malware analysis. FDPro™ is packaged with the HBGary Responder product at no additional cost, or can be purchased separately. 

FastDump Community Edition

The community edition of Fastdump supports only 32 bit acquisition up to 4 gigs of RAM and does not support Vista, Windows 2003, or Windows 2008. The community edition can be downloaded free of charge.
Payment Downloads