Mandiant Highlighter – Log and Text File Viewer Review

Product Review – Mandiant Highlighter. Today we are looking at Mandiant Highlighter: Log and Text File Viewer. The product home page can be found here. Cost: Free! Overview: MANDIANT Highlighter is a log file analysis tool. Highlighter provides a graphical component to log analysis that helps the analyst identify patterns. Highlighter also provides a number of features aimed at...

Hash Windows Files Against Known Good Set

Let’s say you wanted to hash Windows files against a known good set of hashes. Here’s how to do it! Required tools: md5deep, nsrlquery. You’ll also need a server to query against. Luckily Kyrus has provided an nsrlserver (beta), known as the Kyrus NSRL Lookup Service! What’s nsrlquery? nsrlquery is an umbrella project that’s home to...

File Carving Software

File carving is the process of reassembling computer files from fragments in the absence of filesystem metadata. The carving process makes use of knowledge of common file structures, information contained in files, and heuristics regarding how filesystems fragment data. Fusing these three sources of information, a file carving system infers which fragments belong together. File...