From ForensicsWiki
Revision as of 15:19, 29 October 2005 by Jessek (Talk | contribs) (Initial description)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

dd, sometimes called GNUdd, is the oldest of the imaging tools currently in use. A command line program that has been ported to many operating systems, dd uses a complex series of flags to allow the user to image or write data from and to raw image files. There are a few forks of dd for forensic purposes including dcfldd, dccidd, a Microsoft Windows version that supports reading Physical Memory.