Data and Memory Collection with FireEye Redline
Introduction
Redline is free endpoint security tool for windows
used to collect data from compromised system
typically used to collect
all running processes from memory
drivers from memory
file system metadata
registry data
event logs
browser history
much more
Last updated