Redline version 1.20 introduces support for collection from and analysis of Windows 10 systems and is already available for download here.

Redline® provides host investigative capabilities to users to find signs of malicious activity through memory and file analysis and the development of a threat assessment profile.

With Redline, you can:

  • Thoroughly audit and collect all running processes and drivers from memory, file-system metadata, registry data, event logs, network information, services, tasks and web history.
  • Analyze and view imported audit data, including the ability to filter results around a given timeframe using Redline’s Timeline functionality with the TimeWrinkle™ and TimeCrunch™ features.
  • Streamline memory analysis with a proven workflow for analyzing malware based on relative priority.
  • Perform Indicators of Compromise (IOC) analysis. Supplied with a set of IOCs, the Redline Portable Agent is automatically configured to gather the data required to perform the IOC analysis and an IOC hit result review.