Introduction to Redline

Published: 8 October 2017
on channel: 13Cubed
39,565 views
532 likes

As a continuation of the “Introduction to Memory Forensics” series, we’re going to take a look at Redline – a free analysis tool from FireEye that allows us to analyze a potentially compromised Windows system. Redline can collect memory and disk-based artifacts, including all running processes and drivers from memory, file system metadata, registry data, event logs, network information, services, tasks, and web history. The software provides an easy-to-use graphical interface that can help us analyze the collected data to find evil on a given system.

We’ll start with an overview of Redline collectors, and then we’ll create a collector and save it to a USB flash drive. We’ll then run that collector on our target Windows 10 VM and bring the results back to the analysis VM where we’ll briefly look at each category of collected forensic data.

Introduction to Memory Forensics:
• Introduction to Memory Forensics

Redline:
https://www.fireeye.com/services/free...

Redline User Guide:
https://www.fireeye.com/content/dam/f...

#Forensics #DigitalForensics #DFIR #ComputerForensics #WindowsForensics #MemoryForensics #MalwareAnalysis #Malware
