Product Review - Mandiant Highlighter
Today we are looking at Mandiant Highlighter, a log and text file viewer.
The product home page can be found here.
MANDIANT Highlighter is a log file analysis tool. Highlighter provides a graphical component to log analysis that helps the analyst identify patterns. Highlighter also provides a number of features aimed at . . . → Read More: Mandiant Highlighter – Log and Text File Viewer Review
Let’s say you wanted to hash Windows files against a known good set of hashes.
Here’s how to do it!
Required tools: md5deep, nsrlquery
You’ll also need a server to query against. Luckily, Kyrus has provided an nsrlserver (beta), known as the Kyrus NSRL Lookup Service!
nsrlquery is an umbrella project that’s home to . . . → Read More: hash windows files against known good set
File carving is the process of reassembling computer files from fragments in the absence of filesystem metadata. The carving process makes use of knowledge of common file structures, information contained in files, and heuristics regarding how filesystems fragment data. Fusing these three sources of information, a file carving system infers which fragments belong together.
File . . . → Read More: File Carving Software