1. HistoricprocesstreeAn Incident Response tool that visualizes historic process execution evidence (based on Event ID 4688 - Process Creation Event) in a tree view.
2. WebTrapThis project is designed to create deceptive webpages to deceive and redirect attackers away from real websites.
3. Get-NetworkConnectionEdited version of Lee Christensen's Get-NetworkConnection which includes timestamp for each network connection
4. Update-AllUsersQAUpdate-AllUsersQA is a PowerShell script used to change or disable the security questions and answers for local users in a Windows 10 machine.