- Mandiant Redline is a free utility that accelerates the process of triaging hosts suspected of being compromised or infected while supporting in-depth live memory analysis.
- IOC Editor
- Mandiant's IOC Editor is a free editor for Indicators of Compromise (IOCs).
- IOC Finder
- Mandiant's IOC Finder is a free tool for collecting host system data and reporting the presence of Indicators of Compromise (IOCs).
- Free memory forensics software designed to help incident responders find evil within live memory. Also available for Mac.
- Highlighter is designed to help security analysts and system administrators rapidly review log and other structured text files.
- Web Historian
- Assists users in reviewing websites that are stored in the history files of the most commonly used browsers.
- PdbXtract is a tool to help you explore symbolic type information as extracted from Microsoft programming database files.
- Mandiant ApateDNS is a tool for controlling DNS responses through an easy-to-use graphical user interface (GUI).
- Heap Inspector
- Mandiant Heap Inspector is a heap visualization and analysis tool. It has the ability to collect a process' heaps using both API and raw methods.
- Converts the raw XML output generated by Mandiant Intelligent Response, Redline, or IOC Finder into tab-delimited text files. These files contain extensive evidence from disk, registry, event logs, memory, and other parsed Windows artifacts that can be used for live response analysis.
- Intelligent Response