Add JPCERTCC/SysmonSearch

pe3zx 2018-09-23 13:21:13 +07:00
parent cf9c44448d
commit da1b3d3db6

@ -1214,6 +1214,10 @@ _return-to-libc techniques_
<td><a href="https://github.com/JPCERTCC/LogonTracer">JPCERTCC/LogonTracer</a></td>
<td>Investigate malicious Windows logon by visualizing and analyzing Windows event log</td>
</tr>
<tr>
<td><a href="https://github.com/JPCERTCC/SysmonSearch">JPCERTCC/SysmonSearch</a></td>
<td>Investigate suspicious activity by visualizing Sysmon's event log</td>
</tr>
<tr>
<td><a href="https://github.com/IllusiveNetworks-Labs/HistoricProcessTree">IllusiveNetworks-Labs/HistoricProcessTree</a></td>
<td>An Incident Response tool that visualizes historic process execution evidence (based on Event ID 4688 - Process Creation Event) in a tree view.</td>
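Review bot: The description in the added JPCERTCC/SysmonSearch row has no trailing period, which matches the LogonTracer row above it but not the HistoricProcessTree row below it, so the table now mixes both styles around the new entry; settle on one convention and apply it to the neighbouring rows in the same change. The wording "visualizing Sysmon's event log" would also read more consistently with the LogonTracer row ("Windows event log") as "visualizing Sysmon event logs". Placing the row directly under JPCERTCC/LogonTracer keeps the two JPCERTCC tools adjacent, which is a sensible position.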