Windows Forensics Cookbook

How it works…

Because DumpIt is a fusion of Win32dd and Win64dd, it automatically detects the system architecture type. It then creates a memory snapshot together with a file in JSON format that holds all the information you will need for further analysis with memory forensics tools, such as Volatility, Rekall, Belkasoft Evidence Center, and others.
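Before handing the snapshot to an analysis tool, it is worth recording that each image and its JSON file arrived intact and as a pair. The script below is an added example, not code from the book or from DumpIt: it assumes the snapshot uses a `.dmp` or `.raw` extension and that the JSON file shares its base name, it makes no assumption about the JSON field names, and the sample files it writes are constructed stand-ins.

```python
import hashlib
import json
import tempfile
from pathlib import Path

DUMP_SUFFIXES = {".dmp", ".raw"}  # assumption: extensions used for the snapshot

def sha256_file(path, chunk=1 << 20):
    """Hash in 1 MiB chunks; memory images are too large to read at once."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for block in iter(lambda: fh.read(chunk), b""):
            digest.update(block)
    return digest.hexdigest()

def build_manifest(acq_dir):
    """Pair each snapshot with its .json sidecar and record hashes and problems."""
    entries = []
    for dump in sorted(Path(acq_dir).iterdir()):
        if dump.suffix.lower() not in DUMP_SUFFIXES:
            continue
        entry = {"dump": dump.name, "size": dump.stat().st_size,
                 "sha256": sha256_file(dump), "sidecar_sha256": None,
                 "sidecar_keys": [], "problems": []}
        if entry["size"] == 0:
            entry["problems"].append("empty snapshot")
        sidecar = dump.with_suffix(".json")  # assumption: same base name
        if not sidecar.is_file():
            entry["problems"].append("missing JSON sidecar")
        else:
            entry["sidecar_sha256"] = sha256_file(sidecar)
            try:
                meta = json.loads(sidecar.read_text(encoding="utf-8-sig"))
                # Only list top-level keys; no DumpIt field names are assumed.
                entry["sidecar_keys"] = sorted(meta) if isinstance(meta, dict) else []
            except ValueError:
                entry["problems"].append("sidecar is not valid JSON")
        entries.append(entry)
    return entries

def make_sample(root):
    """Constructed stand-in files, not real DumpIt output."""
    root = Path(root)
    (root / "HOST-A.dmp").write_bytes(b"\x00" * 4096)
    (root / "HOST-A.json").write_text('{"constructedKey": 1, "anotherKey": "x"}')
    (root / "HOST-B.dmp").write_bytes(b"\x01" * 4096)  # sidecar missing
    (root / "HOST-C.dmp").write_bytes(b"")  # empty image, truncated sidecar
    (root / "HOST-C.json").write_text('{"constructedKey": ')

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        make_sample(tmp)
        print(json.dumps(build_manifest(tmp), indent=2))
```

Run `build_manifest` against the acquisition folder and store the result with the case notes, so that later analysis can be tied back to the hashes recorded at intake.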