STATUS
While more attention is now being spent on Bryan's Confessor development, we've benefited from Jon Mark Allen's (ubahmapk) many contributions, giving MIR-ROR some much-needed attention. Please feel free to submit potential updates via the Issue Tracker and we'll review them for future releases.

Project Description
MIR-ROR: Motile Incident Response – Respond Objectively, Remediate
MIR-ROR is a specialized command-line script for security incident response that calls specific Windows Sysinternals tools, as well as some other useful utilities, to provide live capture data for investigation.

You can easily enhance MIR-ROR to your liking with whatever command-line tools you find useful.
As an incident response resource, we’ve found it indispensable.
Windows Sysinternals licensing prevents us from bundling the tools in a distribution package; you’ll have to retrieve them.
Download the complete Sysinternals Suite and unpack it in a directory of your choice on your system, then move the necessary tools listed in fetch.txt to a directory you create: C:\tools\MIR-ROR.
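One way to script the staging step above, as an added example that is not part of the MIR-ROR distribution. It assumes that fetch.txt lists one tool file name per line, that every listed tool is a signed executable, and that the suite was unpacked to C:\SysinternalsSuite; the parameter names are hypothetical.

```powershell
# Added example (not MIR-ROR project code): stage the tools named in fetch.txt.
# Assumptions: fetch.txt holds one file name per line; the suite is unpacked in $SuiteDir.
param(
    [string]$SuiteDir  = 'C:\SysinternalsSuite',   # assumed unpack location
    [string]$FetchList = '.\fetch.txt',            # assumed format: one file name per line
    [string]$TargetDir = 'C:\tools\MIR-ROR'        # directory named on this page
)

$ErrorActionPreference = 'Stop'
New-Item -ItemType Directory -Path $TargetDir -Force | Out-Null

$results = foreach ($line in Get-Content -Path $FetchList) {
    $name = $line.Trim()
    if (-not $name) { continue }                   # skip blank lines

    # Keep only the leaf name so a list entry cannot reach outside $SuiteDir.
    $leaf = Split-Path -Path $name -Leaf
    $src  = Join-Path -Path $SuiteDir -ChildPath $leaf

    if (-not (Test-Path -LiteralPath $src -PathType Leaf)) {
        [pscustomobject]@{ Tool = $leaf; Status = 'MISSING'; Signer = $null; SHA256 = $null }
        continue
    }

    # Only stage binaries whose Authenticode signature validates; an IR toolkit
    # should not contain modified or unsigned copies of the tools.
    $sig = Get-AuthenticodeSignature -FilePath $src
    if ($sig.Status -ne 'Valid') {
        [pscustomobject]@{ Tool = $leaf; Status = "SIGNATURE $($sig.Status)"; Signer = $null; SHA256 = $null }
        continue
    }

    Copy-Item -LiteralPath $src -Destination $TargetDir -Force
    $dst = Join-Path -Path $TargetDir -ChildPath $leaf
    [pscustomobject]@{
        Tool   = $leaf
        Status = 'COPIED'
        Signer = $sig.SignerCertificate.Subject
        SHA256 = (Get-FileHash -LiteralPath $dst -Algorithm SHA256).Hash   # record for later integrity checks
    }
}

$results | Format-Table -AutoSize
$notStaged = @($results | Where-Object { $_.Status -ne 'COPIED' })
if ($notStaged.Count -gt 0) {
    Write-Warning "$($notStaged.Count) tool(s) from $FetchList were not staged; review the table above."
}
```

Keeping the printed SHA256 values alongside the toolkit gives a baseline for confirming the staged binaries are unchanged before they are run on a system under investigation.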

You can read the complete ISSA Journal article, MIR-ROR: Motile Incident Response – Respond Objectively, Remediate, here

Feel free to offer feedback; we hope this tool serves you well.

Russ McRee
Troy Larson
Jon Mark Allen

Last edited Mar 22, 2012 at 7:24 AM by RussMcRee, version 6