From b7c45ec8b2807fc25b25ee441c7dafdebfa3fbcf Mon Sep 17 00:00:00 2001 From: pe3zx Date: Mon, 1 May 2023 11:27:41 +0700 Subject: [PATCH] Add: joeavanzato/Trawler to DFIR section --- README.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/README.md b/README.md index f9fdca5..37e929a 100644 --- a/README.md +++ b/README.md @@ -1741,6 +1741,10 @@ This repository is created as an online bookmark for useful links, resources and jklepsercyber/defender-detectionhistory-parser A parser of Windows Defender's DetectionHistory forensic artifact, containing substantial info about quarantined files and executables. + + joeavanzato/Trawler + PowerShell script to help Incident Responders discover adversary persistence mechanisms. + JPCERTCC/LogonTracer Investigate malicious Windows logon by visualizing and analyzing Windows event log
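Review bot: the description on the added `joeavanzato/Trawler` entry capitalises "Incident Responders" mid-sentence and does not say which platform the script covers, while the neighbouring entries name theirs ("Windows Defender's DetectionHistory", "Windows event log"). Suggest lower-casing it to "incident responders" and naming the operating system in scope, so a reader triaging a host can tell from the list whether the tool applies. The placement between `jklepsercyber/...` and `JPCERTCC/...` keeps the section's case-insensitive alphabetical order, and the four added lines match the `4 insertions(+)` in the diffstat, so nothing else needs to change here.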