While more attention is now being spent on Bryan's Confessor
development, we've benefited from Jon Mark Allen's (ubahmapk) many contributions, giving MIR-ROR some much needed attention. Please feel free to submit via Issue Tracker and we'll review potential updates for future releases. Project Description
MIR-ROR: Motile Incident Response – Respond Objectively, Remediate
MIR-ROR is a security incident response specialized, command-line script that calls specific Windows Sysinternals tools, as well as some other useful utilities, to provide live capture data for investigation.
You can easily enhance MIR-ROR to your liking with whatever command line tools you find useful.
For incident response resource, we’ve found it indispensable.
Windows Systinternals licensing prevents us from bundling the tools in a distribution package; you’ll have to retrieve them. Download
the complete Sysinternals Suite and unpack in a preferred directory on your system, then move the necessary tools listed in fetch.txt
to a directory you create: C:\tools\MIR-ROR
You can read the complete ISSA Journal article, MIR-ROR: Motile Incident Response – Respond Objectively, Remediate
Feel free to offer feedback; we hope this tool serves you well.
Jon Mark Allen