Tag Archives: Redline

nightHawkResponse – Incident Response Framework

nightHawkResponse is a custom-built application for asynchronous forensic data presentation on an Elasticsearch backend. This application is designed to ingest a Mandiant Redline "collections" file and give flexibility in search/stack and tagging.

MANDIANT Redline New Release

Mandiant have just released a new version of Redline, free software that you can use for incident handling. The utility allows users to report on and investigate any compromised system. Usually you need to verify changes in the system to understand