- MANDIANT IOCe - A free editor for Indicators of Compromise (IOCs).
- Memoryze - Free memory forensics software designed to help incident responders find evil within live memory.
- MIR Lite-CDT - A command line utility based on technology from MANDIANT's Intelligent Response enterprise product.
- Audit Viewer - An open source tool that allows users to examine the results of Memoryze's analysis.
- Highlighter - Designed to help network analysts rapidly review log and other structured text files.
- Red Curtain - Software for incident responders that helps find and analyze unknown malware.
- Web Historian - Assists users in reviewing websites that are stored in the history files of the most commonly used browsers.
Monday, November 15, 2010
Mandiant: Forensic and Incident Response Tools
Below is the list of tools that I used to perform forensics and incident response. All are available as free software from Mandiant.