mirror of
https://github.com/pe3zx/my-infosec-awesome.git
synced 2024-07-01 16:11:19 +00:00
Tools: Digital Forensics and Incident Response: IllusiveNetworks-Labs/HistoricProcessTree
This commit is contained in:
parent
42bebcefb2
commit
9ac5f17df7
|
@ -1017,6 +1017,10 @@ _return-to-libc techniques_
|
||||||
<td><a href="https://github.com/JPCERTCC/LogonTracer">JPCERTCC/LogonTracer</a></td>
|
<td><a href="https://github.com/JPCERTCC/LogonTracer">JPCERTCC/LogonTracer</a></td>
|
||||||
<td>Investigate malicious Windows logon by visualizing and analyzing Windows event log</td>
|
<td>Investigate malicious Windows logon by visualizing and analyzing Windows event log</td>
|
||||||
</tr>
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<td><a href="https://github.com/IllusiveNetworks-Labs/HistoricProcessTree">IllusiveNetworks-Labs/HistoricProcessTree</a></td>
|
||||||
|
<td>An Incident Response tool that visualizes historic process execution evidence (based on Event ID 4688 - Process Creation Event) in a tree view.</td>
|
||||||
|
</tr>
|
||||||
<tr>
|
<tr>
|
||||||
<td><a href="https://github.com/intezer/linux-explorer">intezer/linux-explorer</a></td>
|
<td><a href="https://github.com/intezer/linux-explorer">intezer/linux-explorer</a></td>
|
||||||
<td>Easy-to-use live forensics toolbox for Linux endpoints</td>
|
<td>Easy-to-use live forensics toolbox for Linux endpoints</td>
|
||||||
|
|
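Review bot: the description cell of the added HistoricProcessTree row ends with a period ("...in a tree view."), while the descriptions in the neighbouring LogonTracer and linux-explorer rows have no trailing punctuation; drop the period so the table stays consistent. The same cell capitalizes "Incident Response" mid-sentence, which the neighbouring descriptions do not do for comparable terms, so lower-casing it would match them.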