nightHawk Response

This custom built application is designed for asynchronous forensic data presentation, utilizing an Elasticsearch backend. It is specifically tailored to ingest Mandiant Redline 'collections' files, offering users flexibility in search capabilities, stack management, and tagging options.

The application, accompanied by a comprehensive GOpher application, enables streamlined control over multiple investigations or hundreds of endpoints in a single interface. Version 2.0, with an estimated release date in March 2020, is currently under development. This version will feature a Docker-based installation, a complete rewrite of the user interface in React, progressive and resumable triage uploading, the Kibana nightHawkResponse Plugin, a simplified code base that includes unit tests, and an easier development environment for CI/CD.