Identifies structured extraction of high-value application configuration and credential material from a Redis datastore. The behavior includes keyspace enumeration, targeted TYPE inspection across configuration namespaces (cloud, database, encryption, JWT, mail, payment, VCS), and direct GET/HGETALL retrieval of secrets, API keys, feature flags, internal URLs, and user cache objects. This tightly grouped pattern reflects deliberate application-layer reconnaissance and credential harvesting following access to a Redis instance, indicating high-confidence data exposure and likely compromise of associated services.