mirror of
https://github.com/pe3zx/my-infosec-awesome.git
synced 2024-07-01 16:11:19 +00:00
Tools: Digital Forensics and Incident Response: williballenthin/process-forest
parent
3af10457cb
commit
42bebcefb2
|
@ -1097,6 +1097,10 @@ _return-to-libc techniques_
|
||||||
<td><a href="https://github.com/williballenthin/EVTXtract">williballenthin/EVTXtract</a></td>
|
<td><a href="https://github.com/williballenthin/EVTXtract">williballenthin/EVTXtract</a></td>
|
||||||
<td>EVTXtract recovers and reconstructs fragments of EVTX log files from raw binary data, including unallocated space and memory images.</td>
|
<td>EVTXtract recovers and reconstructs fragments of EVTX log files from raw binary data, including unallocated space and memory images.</td>
|
||||||
</tr>
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<td><a href="https://github.com/williballenthin/process-forest">williballenthin/process-forest</a></td>
|
||||||
|
<td>process-forest is a tool that processes Microsoft Windows EVTX event logs that contain process accounting events and reconstructs the historical process heirarchies.</td>
|
||||||
|
</tr>
|
||||||
</table>
|
</table>
|
||||||
|
|
||||||
### Exploits
|
### Exploits
|
||||||
|
|
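Review bot: the description cell of the added process-forest row misspells "hierarchies" as "heirarchies"; change the end of the sentence to "reconstructs the historical process hierarchies." The new row otherwise matches the link cell plus description cell layout of the EVTXtract row directly above it and sits inside the same table before the closing tag, so nothing else in the hunk needs to change.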