From 7db1d4b1c09bfef30fdd7ea5284b7e2c9b652304 Mon Sep 17 00:00:00 2001 From: Tony Phipps Date: Tue, 27 Aug 2019 23:29:19 -0400 Subject: [PATCH] Update README.md --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index 13072f6..dceb82d 100644 --- a/README.md +++ b/README.md @@ -240,3 +240,4 @@ Digital Forensics and Incident Response (DFIR) teams are groups of people in an * [PSRecon](https://github.com/gfoss/PSRecon/) - PSRecon gathers data from a remote Windows host using PowerShell (v2 or later), organizes the data into folders, hashes all extracted data, hashes PowerShell and various system properties, and sends the data off to the security team. The data can be pushed to a share, sent over email, or retained locally. * [RegRipper](https://code.google.com/p/regripper/wiki/RegRipper) - Open source tool, written in Perl, for extracting/parsing information (keys, values, data) from the Registry and presenting it for analysis. * [TRIAGE-IR](https://code.google.com/p/triage-ir/) - IR collector for Windows. +* [MEERKAT](https://github.com/TonyPhipps/Meerkat) - PowerShell-based triage and threathunting for Windows.