syphon1c / historicprocesstree Goto Github PK
View Code? Open in Web Editor NEWThis project forked from illusivenetworks-labs/historicprocesstree
An Incident Response tool that visualizes historic process execution evidence (based on Event ID 4688 - Process Creation Event) in a tree view.
License: BSD 3-Clause "New" or "Revised" License