RAM and paging file acquisition using Belkasoft RAM Capturer
Belkasoft is a company that creates forensic tools and also has a full suite of tools available for forensic acquisition and analysis, along with its free RAM capturer tool, which can be downloaded at https://belkasoft.com/ram-capturer. This tool is best used in Windows but is mentioned here because of its popularity and speed when performing memory and paging file analysis.
After browsing the https://belkasoft.com/ram-capturer page, click on the Download Now button, enter your email address, and click on Proceed. An email with the download link should be sent to you within 24 hours.
Once downloaded and extracted on your Windows machine, choose the appropriate version (x86 or x64) and launch the environment.
The GUI is as simple as it gets with Belkasoft RAM Capturer. You are prompted to specify an output folder path, and from there, it captures the memory and paging file after clicking on Capture!.
