Add: airbus-cert/Winshark to DFIR section

2025-01-25 06:46:46 -05:00 · 2022-01-29 15:42:40 +07:00 · 2022-01-29 15:42:40 +07:00 · 64f861b558
commit 64f861b558
parent 4bfdaf7569
1 changed files with 4 additions and 0 deletions
--- a/README.md
+++ b/README.md
@ -1333,6 +1333,10 @@ This repository is created as an online bookmark for useful links, resources and
        <td><a href="https://github.com/ahmedkhlief/APT-Hunter">ahmedkhlief/APT-Hunter</a></td>
        <td>APT-Hunter is Threat Hunting tool for windows event logs which made by purple team mindset to provide detect APT movements hidden in the sea of windows event logs to decrease the time to uncover suspicious activity</td>
    </tr>
+    <tr>
+        <td><a href="https://github.com/airbus-cert/Winshark">airbus-cert/Winshark</a></td>
+        <td>A wireshark plugin to instrument ETW</td>
+    </tr>
    <tr>
        <td><a href="https://www.alienvault.com/products/ossim">AlienVault OSSIM</a></td>
        <td>AlienVault OSSIM: The World’s Most Widely Used Open Source SIEM</td>