Tools: Digital Forensics and Incident Response: IllusiveNetworks-Labs/HistoricProcessTree

2024-06-27 06:02:09 +00:00 · 2018-06-18 08:35:55 +00:00 · 2018-06-18 08:35:55 +00:00 · 9ac5f17df7
commit 9ac5f17df7
parent 42bebcefb2
1 changed files with 4 additions and 0 deletions
--- a/README.md
+++ b/README.md
@ -1017,6 +1017,10 @@ _return-to-libc techniques_
        <td><a href="https://github.com/JPCERTCC/LogonTracer">JPCERTCC/LogonTracer</a></td>
        <td>Investigate malicious Windows logon by visualizing and analyzing Windows event log</td>
    </tr>
+    <tr>
+        <td><a href="https://github.com/IllusiveNetworks-Labs/HistoricProcessTree">IllusiveNetworks-Labs/HistoricProcessTree</a></td>
+        <td>An Incident Response tool that visualizes historic process execution evidence (based on Event ID 4688 - Process Creation Event) in a tree view.</td>
+    </tr>
    <tr>
        <td><a href="https://github.com/intezer/linux-explorer">intezer/linux-explorer</a></td>
        <td>Easy-to-use live forensics toolbox for Linux endpoints</td>