IllusiveNetworks-Labs/HistoricProcessTree
An Incident Response tool that visualizes historic process execution evidence (based on Event ID 4688 - Process Creation Event) in a tree view.
PythonBSD-3-Clause
Stargazers
- 7h3rAm@Cisco-Talos
- adulau@MISP @CIRCL @cve-search and many others
- akafri
- cedricbonhomme@CIRCL
- daniel110
- dolevillusive
- FlowerCode
- gripedthumbtacks
- guysegev
- iamidris
- itaykahanaIsrael
- jj1985
- liadga
- lteich
- matankob
- MChorfaDeveloper
- MineshK
- nizq
- OfirLauberIsrael
- omerb4
- sakyawang
- sapir
- seamustuohy
- shanister
- ShawnAlexander
- socketoJapan
- Spacecow99Canada
- Status-418
- Talko1
- ThisGrrlBytes
- tkahana
- TomSela
- tshmul
- Vasily
- yosi-dediashvili
- zloychelovek