From 17e4d71e071e73a04374966ede884c23cc4d67fe Mon Sep 17 00:00:00 2001 From: pe3zx Date: Mon, 10 Jan 2022 10:31:46 +0700 Subject: [PATCH] Add: jklepsercyber/defender-detectionhistory-parser to DFIR section --- README.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/README.md b/README.md index 28144d9..8f6fc1e 100644 --- a/README.md +++ b/README.md @@ -1545,6 +1545,10 @@ This repository is created as an online bookmark for useful links, resources and jimtin/IRCoreForensicFramework Powershell 7 (Powershell Core)/ C# cross platform forensic framework. Built by incident responders for incident responders. + + jklepsercyber/defender-detectionhistory-parser + A parser of Windows Defender's DetectionHistory forensic artifact, containing substantial info about quarantined files and executables. + JPCERTCC/LogonTracer Investigate malicious Windows logon by visualizing and analyzing Windows event log
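Review bot: In the added description line ("A parser of Windows Defender's DetectionHistory forensic artifact, containing substantial info about quarantined files and executables."), the participle "containing" attaches to the parser rather than to the artifact, and "substantial info" does not tell a reader what the artifact actually holds. Consider rewording so the artifact is the subject of the second clause, for example "Parser for Windows Defender's DetectionHistory files, a forensic artifact with details about quarantined files and executables." The placement itself looks right: the new entry sits between jimtin/IRCoreForensicFramework and JPCERTCC/LogonTracer, which keeps the case-insensitive alphabetical order of the surrounding entries.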