rukov Posted November 30, 2014 Report Posted November 30, 2014 Redline, Mandiant’s premier free tool, provides host investigative capabilities to users to find signs of malicious activity through memory and file analysis, and the development of a threat assessment profile. With Redline, users can:Thoroughly audit and collect all running processes and drivers from memory, file system metadata, registry data, event logs, network information, services, tasks, and web history.Analyze and view imported audit data, including narrowing and filtering results around a given timeframe using Redline’s Timeline functionality with the TimeWrinkle™ and TimeCrunch™ features.Streamline memory analysis with a proven workflow for analyzing malware based on relative priority.Identify processes more likely worth investigating based on the Redline Malware Risk Index (MRI) score.Perform Indicator of Compromise (IOC) analysis. Supplied with a set of IOCs, the Redline Portable Agent is automatically configured to gather the data required to perform the IOC analysis and an IOC hit result reviewDownload https://dl.mandiant.com/EE/library/Redline-1.12.msi Quote
