Mandiant Highlighter – Log and Text File Viewer Review

Product Review - Mandiant Highlighter

Today we are looking at Mandiant Highlighter, a log and text file viewer.

The product home page can be found here.

Cost: Free!

Overview

MANDIANT Highlighter is a log file analysis tool. Highlighter provides a graphical component to log analysis that helps the analyst identify patterns. Highlighter also provides a number of features aimed at . . . → Read More: Mandiant Highlighter – Log and Text File Viewer Review

hash windows files against known good set

Let’s say you wanted to hash Windows files against a known good set of hashes.

Here’s how to do it!

Required Tools: md5deep, nsrlquery

You’ll also need a server to query against. Luckily Kyrus has provided an nsrlserver (beta), known as the Kyrus NSRL Lookup Service!

What’s nsrlquery?

nsrlquery is an umbrella project that’s home to . . . → Read More: hash windows files against known good set

File Carving Software

File carving is the process of reassembling computer files from fragments in the absence of filesystem metadata. The carving process makes use of knowledge of common file structures, information contained in files, and heuristics regarding how filesystems fragment data. Fusing these three sources of information, a file carving system infers which fragments belong together.

File . . . → Read More: File Carving Software