This document discusses Linux memory forensics and provides an overview of tools and techniques for acquiring and analyzing memory images. It begins with an introduction to live forensics and lists common Linux commands for gathering system information. The document then covers memory forensics, describing how to access physical memory and dump it to a disk image using tools like fmem and LiME. It also introduces tools for parsing memory dumps, such as Foriana and Volatilitux, and discusses commercial forensic solutions.