[2] Many operating systems provide features to kernel developers and end-users to actually create a snapshot of the physical memory for either debugging (e.g. core dump or Blue Screen of Death) purposes or experience enhancement (e.g. hibernation).
[citation needed] One significant step towards structured analysis was in a February 2004 article in SysAdmin Magazine, where Michael Ford demonstrated a more rigorous practice of memory forensics.
[4] In response to this challenge, more tools in this generation, specifically designed to analyze memory dumps, were created - such as MoonSols, KntTools, the FATKit, VolaTools, and Volatility.
These include both commercial tools like Responder PRO, Memoryze, winen, Belkasoft Live RAM Capturer, etc.. New features have been added, such as analysis of Linux and Mac OS X memory dumps, and substantial academic research has been carried out.
[5][6] Unlike Microsoft Windows, Mac OS X interest is relatively new and had only been initiated by Matthieu Suiche[7] in 2010 during Black Hat Briefings security conference.