
Free Security Software
Evil exacts a high price. Fighting it can be free.
Why are we giving away valuable free tools like Redline®?
Because we believe that the information the security community gains from this free software is so important that it deserves to be in as many hands as possible. We’re committed to giving our community the day-in, day-out ability to fight evil. That’s why we make Redline — and other invaluable tools — available at no cost. When hosts are suspected of being compromised or infected Redline acts like cyber security adrenaline, rapidly accelerating the triage process while simultaneously supporting in-depth, real-time memory analysis.
We believe that because security is a shared threat, it’s best fought with a combination of innovation and shared intelligence. Some things are too important to charge for.
Cyber Threat Intelligence
Want to know what threat actors are doing right now? Mandiant Advantage will tell you.
Analysis tools

Redline
Redline® is a free utility that accelerates the process of triaging hosts suspected of being compromised or infected while supporting in-depth live memory analysis.
Learn more
Memoryze
Memoryze™ is free memory forensic software that helps incident responders find evil in live memory.
Learn more
Highlighter
Highlighter™ is a free utility designed primarily for security analysts and system administrators.
Learn moreResearch tools

PdbXtract
PdbXtract™ explores symbolic type information as extracted from Microsoft programming database files.
Learn more
Heap Inspector
Heap Inspector™ is a heap visualization and analysis tool that collects a process’ heaps using both API and raw methods.
Learn moreFLARE tools

FakeNet-NG
FakeNet-NG is a next generation dynamic network analysis tool for malware analysts and penetration testers.
Learn more
FLOSS
FLOSS uses advanced static analysis techniques to automatically deobfuscate strings from malware binaries.
Learn more
FLARE VM
FLARE VM is a Windows-based security distribution for malware analysis, incident response, and penetration testing.
Learn moreIOC tools (Indicator of Compromise)

IOC Finder
IOC Finder is a free tool for collecting host system data and reporting the presence of IOCs.
Learn more
IOC Writer
IOC Writer provide a python library that allows for basic creation and editing of OpenIOC objects.
Learn more