Redline

Redline can be used for memory analysis and for scanning for IOCs on Windows, Linux, or macOS endpoints:

  • Collect registry data (Windows hosts only)

  • Collect running processes

  • Collect memory images (before Windows 10)

  • Collect browser history

  • Look for suspicious strings

  • etc.