
SANS ISC: Mandiant Memoryze review, Hilighter, other Mandiant tools! SANS ISC InfoSec Forums


As a follow-up to my diary of January 2nd, Russ McRee of has published his review of Mandiant's Memoryze tool.  Russ was so impressed with Memoryze he awarded it the 2008 Toolsmith Tool of the Year!

For those of you who didn't read the first diary: Memoryze is a free tool from Mandiant to assist with Windows memory analysis.  It is one small piece of Mandiant's Mandiant Intelligent Response (MIR) product, released for public consumption.

Russ's review can be found at

Another outstanding free tool released by Mandiant in the last few weeks is Hilighter.  Hilighter is a tool that assists in the viewing and analysis of log files and other text files.  I have only played with it a little bit, but so far I am very impressed.

Mandiant has other free incident response tools available on their website as well:

Red Curtain - helps find and analyze unknown malware

Web Historian - assists with review of websites found in browser history files

First Response - incident response management software

If these first few releases are any indication, it appears that the Mandiant folks are committed to providing top-quality free tools to the incident response community.



-- Rick Wanner rwanner at isc dot sans dot org


ISC Handler
Feb 5th 2009
