RedLine is a blue team lab that falls under the Endpoint Forensics category and will cover the following subjects: Strings, Volatility, Privilege Escalation, Defense Evasion, Command and Control.
Learning Objectives
Employ Volatility to analyze a memory dump, identifying suspicious processes, network IOCs, memory protections, and an attacker's command-and-control infrastructure.
Categories: Endpoint Forensics.
MITRE ATT&CK Tactics: Privilege Escalation, Defense Evasion, Command and Control.
Tools: Volatility, Strings.
Difficulty: easy.