
Introduction to Redline


As a continuation of the “Introduction to Memory Forensics” series, Richard Davis takes a look at Redline, a free analysis tool from FireEye for examining a potentially compromised Windows system. Redline can collect memory and disk-based artifacts, including all running processes and drivers from memory, file system metadata, registry data, event logs, network information, services, scheduled tasks, and web history. The software provides an easy-to-use graphical interface that helps us analyze the collected data to find evil on a given system. You’ll start with an overview of Redline collectors, then create a collector and save it to a USB flash drive. You’ll then run that collector on your target Windows 10 VM and bring the results back to the analysis VM, where you’ll briefly look at each category of collected forensic data.

