redline memory forensic writeup


This lab is made by CyberDefenders and this is only my walk-through for the challenge.

Lab Scenario 

“As a member of the Security Blue team, your assignment is to analyze a memory dump using Redline and Volatility tools. Your goal is to trace the steps taken by the attacker on the compromised machine and determine how they managed to bypass the Network Intrusion Detection System “NIDS”. Your investigation will involve identifying the specific malware family employed in the attack, along with its characteristics. Additionally, your task is to identify and mitigate any traces or footprints left by the attacker.” 

Downloading the Memory Dump

Attention: the sample you are about to download is including malicious files and malware samples. To protect your system, please analyze it on a completely isolated virtual machine

Please visit the lab official link to download it.

My Walk-through 

Please watch my video for the detailed write-up

Redline Challenge Writeup

Used Tools


In this blog, I talked about how to step-by-step solve RedLine memory forensic challenge using Volatility CLI and GUI tools.

~ Cya in the Next One

Leave a Reply