Mandiant

From aldeid
Jump to navigation Jump to search

Description

Incomplete.png
INCOMPLETE SECTION OR ARTICLE
This section/article is being written and is therefore not complete.
Thank you for your comprehension.

Tools

Redline
Mandiant Redline is a free utility that accelerates the process of triaging hosts suspected of being compromised or infected while supporting in-depth live memory analysis.
IOC Editor
Mandiant's IOC Editor is a free editor for Indicators of Compromise (IOCs).
IOC Finder
Mandiant's IOC Finder is a free tool for collecting host system data and reporting the presence of Indicators of Compromise (IOCs).
Memoryze
Free memory forensics software designed to help incident responders find evil within live memory. Also available for Mac
Highlighter
Highlighter is designed to help security analysts and system administrators rapidly review log and other structured text files.
Web Historian
Assists users in reviewing websites that are stored in the history files of the most commonly used browsers.
PdbXtract
PdbXtract is a tool to help you explore symbolic type information as extracted from Microsoft programming database files.
ApateDNS
Mandiant ApateDNS is a tool for controlling DNS responses though an easy to use graphical user interface (GUI).
Heap Inspector
Mandiant Heap Inspector is a heap visualization and analysis tool. It has the ability to collect a process' heaps using both API and raw methods.
AuditParser
Converts the raw XML output generated by by Mandiant Intelligent Response, Redline, or IOC Finder into tab-delimited text files. These files contain extensive evidence from disk, registry, event logs, memory, and other parsed Windows artifacts that can be used for live response analysis.
Intelligent Response

Comments

blog comments powered by Disqus