Data and Memory Collection with FireEye Redline

Introduction

Redline is free endpoint security tool for windows
used to collect data from compromised system
typically used to collect
- all running processes from memory
- drivers from memory
- file system metadata
- registry data
- event logs
- browser history
- much more

PreviousDisk Analysis with Autopsy NextMemory Forensice with Volatility

Last updated 1 year ago