GitHub / IllusiveNetworks-Labs / HistoricProcessTree
An Incident Response tool that visualizes historic process execution evidence (based on Event ID 4688 - Process Creation Event) in a tree view.
JSON API: http://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/IllusiveNetworks-Labs%2FHistoricProcessTree
PURL: pkg:github/IllusiveNetworks-Labs/HistoricProcessTree
Stars: 56
Forks: 6
Open issues: 1
License: bsd-3-clause
Language: Python
Size: 452 KB
Dependencies parsed at: Pending
Created at: over 7 years ago
Updated at: over 2 years ago
Pushed at: over 7 years ago
Last synced at: over 2 years ago
Topics: dfir, incident-response, process-tree, treeview, windows-eventlog