Data and Memory Collection with FireEye Redline

Introduction

  • Redline is a free endpoint security tool for Windows

  • used to collect data from a compromised system

  • typically used to collect

    • all running processes from memory

    • drivers from memory

    • file system metadata

    • registry data

    • event logs

    • browser history

    • much more

