From f60971d0634a604a3d9d97d74a7b1d321fc30be6 Mon Sep 17 00:00:00 2001
From: pe3zx <pe3zx@users.noreply.github.com>
Date: Fri, 9 Jul 2021 06:57:06 +0700
Subject: [PATCH] Add: DamonMohammadbagher/ETWProcessMon2 to DFIR section

---
 README.md | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/README.md b/README.md
index 649740c..b847ba2 100644
--- a/README.md
+++ b/README.md
@@ -1200,6 +1200,10 @@ This repository is created as an online bookmark for useful links, resources and
         <td><a href="https://github.com/CyberDefenseInstitute/CDIR">CyberDefenseInstitute/CDIR</a></td>
         <td>CDIR (Cyber Defense Institute Incident Response) Collector - live collection tool based on oss tool/library</td>
     </tr>
+    <tr>
+        <td><a href="https://github.com/DamonMohammadbagher/ETWProcessMon2">DamonMohammadbagher/ETWProcessMon2</a></td>
+        <td>ETWProcessMon2 is for Monitoring Process/Thread/Memory/Imageloads/TCPIP via ETW + Detection for Remote-Thread-Injection etc.</td>
+    </tr>
     <tr>
         <td><a href="https://github.com/davehull/Kansa">davehull/Kansa</a></td>
         <td>A Powershell incident response framework</td>