Antonio Savoldi

Learn More
The aim of this paper is to present a new tool, the Page-file Collection Tool (PCT), which can be used to obtain a pagefile on a live Windows based system. It is a known fact that a pagefile on a live system is protected by the operating system, which uses it in the virtual memory context. By using the NTFS filesystem specifications we were able to(More)
The aim of this paper is to describe a new open source tool, usable on Windows and Linux platform, for digital evidence extraction from SIMs and USIMs card. Nowadays, closed-source or confidential tools are used for this purpose and this is contrary to Daubert's test, because, it is not possible to gain the high degree of acceptability from scientific(More)
The aim of this paper is to demonstrate the usefulness of the pagefile in a live forensic context. The forensic science is striving to find new methodologies to analyze the massive quantity of data normally present in a medium-sized workstation, which can have up to several terabytes of storage devices. As a result, the live forensic approach seems to be(More)
In this paper we propose a methodology used to analyse collected pagefiles belonging to public computers using a pagefile collection tool (PCT), which is suitable to be used in a live forensics context. After that, we investigated how to gather sensitive information such as passwords and usernames, which we found in half of the analysed pagefiles.(More)