HistoricProcessTree
Process tree visualization tool
Analyzes Windows event log data to visualize historic process execution evidence in a tree view.
An Incident Response tool that visualizes historic process execution evidence (based on Event ID 4688 - Process Creation Event) in a tree view.
59 stars
5 watching
6 forks
Language: Python
Last commit: almost 8 years ago
Tags: dfir, incident-response, process-tree, treeview, windows-eventlog
Related projects:
| Repository | Description | Stars |
|---|---|---|
| | Tools for reconstructing historical process hierarchies from Windows event logs. | 146 |
| | Automates analysis of Windows Security Events to identify user logon relations | 241 |
| | A graphical viewer for system processes that utilizes web technologies to display hierarchical process information. | 8 |
| | A tool for filtering and analyzing Windows event logs based on complex time-based conditions | 37 |
| | A digital forensic tool designed to gather and analyze data from Windows-based systems in incident response scenarios. | 335 |
| | Collects and analyzes Windows 10 event tracing data from various providers across different versions. | 275 |
| | A Python module for parsing Windows Event Log files (.evtx) into structured data | 732 |
| | Tool to repair Windows Event Log files (.evt) acquired during forensic investigations | 18 |
| | A tool to visualize and model domain stories in a browser-based interface | 757 |
| | A visualizer tool for Elixir BEAM nodes, displaying process and message sequences in a graphical interface. | 1,320 |
| | Generates a graphic representation of reaction fluxes in chemical reaction systems. | 22 |
| | A tool for visualizing and debugging Kubernetes application histories. | 1,474 |
| | Interactive log visualization tool for malware analysis | 139 |
| | A toolset for analyzing Windows event logs to detect and analyze malware | 29 |
| | An IDA Pro plugin that facilitates symbolic execution and taint analysis for reverse engineers | 1,502 |