is a community-based platform that may eventually support as many as 25 software modules, each serving a different aspect of the incident response process, Kurtz says. This week's release includes three modules: @dirlist, @pslist, and @yara.
The @dirlist tool produces directory listings, enabling responders to verify and display digital signature information and to filter files and paths to speed incident analysis.
The @pslist module lets incident responders list all active running processes, speeding the task of analyzing executable files and identifying those that might be associated with a sophisticated attack.
The @yara module is an enhanced version of the popular, community-based YARA malware analysis...