In follow-up to my diary of January 2nd, Russ McRee of holisticinfosec.org has published his review of Mandiant's Memoryze tool. Russ was so impressed with Memoryze he awarded it the 2008 Toolsmith Tool of the Year!
For those of you who didn't read the first diary... Memoryze is a free tool from Mandiant to assist with Windows memory analysis. It is one small piece of Mandiant's Mandiant Intelligent Response (MIR) product, released for public consumption.
Russ's review can be found at http://holisticinfosec.org/toolsmith/docs/february2009.pdf
Another outstanding free tool released by Mandiant in the last few weeks is Hilighter. Hilighter is a tool that assists in the viewing and analysis of log files and other text files. I have only played with it a little bit, but so far I am very impressed.
Mandiant has other free incident response tools available on their website as well:
Red Curtain - helps find and analyze unknown malware
Web Historian - assists with review of websites found in browser history files
First Response - incident response management software
If these first few releases are any indication, it appears that the Mandiant folks are committed to providing top-quality free tools to the incident response community.
-- Rick Wanner rwanner at isc dot sans dot org
Feb 5th 2009