What is dump it.exe?
This utility is used to generate a physical memory dump of Windows machines. It works with both x86 (32-bits) and x64 (64-bits) machines. The raw memory dump is generated in the current directory, only a confirmation question is prompted before starting. Perfect to deploy the executable on USB keys, for quick incident responses needs.
Go to http://www.moonsols.com/ressources/ and download dump it.exe:
Once downloaded, uncompress the DumpIt.zip archive in the directory of your choice (let's take C:\remote_tools\ in our example).
Simple call dump it as follows:
It creates a raw file that you will be able to analyze with volatility or any other tool able to read memory dump files.