Skip to content

MemProcFS-Analyzer-v0.7
Compare
Choose a tag to compare
@evild3ad evild3ad released this 21 Nov 06:19
· 42 commits to main since this release
v0.7
52ad013
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.

Added: User Interface
Added: Pagefile Support
Added: Zircolite - A standalone SIGMA-based detection tool for EVTX
Added: Event Log Overview
Added: Processes w/ Unusual User Context
Added: Process Tree: Properties View
Added: Searching for Cobalt Strike Beacons Configuration(s) w/ 1768.py (needs to be installed manually, disabled by default)
Added: Simple Prefetch View (based on Forensic Timeline)
Fixed: Other minor fixes and improvements

Assets 3
Loading