Category: Audit

A look at Redline from Mandiant

Post author By Guy Ngongang on information security
Post date December 28, 2017
No Comments on A look at Redline from Mandiant

Redline is a nice tool to investigate a particular host for signs of compromises. It works on Windows and is freely available on the FireEye site .

Redline Interface

At a glance, we have options to collect data from the host or Analyse an existing data collected file. In our case , I am going to create a Standard Collector for the sake of this demo.

Redline Review Script Configuration

It is clear that the script will run the Collector and save it to a folder named ‘Sessions\AnalysisSession2´ in our case because we run the script twice as in the figure below

AnalysisSession2.mans file to import in Redline

As said in the Readme.txt file, AnalysisSession2.mans has to be openend in Redline to continue with the investigation. We can go through the System Information,Processes,…

The tool is worth a try.

Happy investigations

Investigative options after opening the AnalysisSession2.mans file

Audit Privacy

How much is your Gmail Account Worth?

Post author By Guy Ngongang on information security
Post date July 2, 2013
1 Comment on How much is your Gmail Account Worth?

Many emails account are hijacked everyday. Cybercrooks are selling those compromised accounts in the black market. If you are using Gmail , then there is an auditing method of knowing its retail price on the underground.

The university of Illinois at Chicago has created a Gmail account audit tool called Cloudsweeper.

As seen in the picture above My account is worth $5. It has also helped me finding plain text passwords which were sent to my email. The tool rocks and is worth trying.

Plain text passwords found by Cloudsweeper