ProcDot allows a malware analyst to ingest the output from ProcMon and automatically generate a graphical representation of the captured data. Simply load the exported CSV into ProcDot and select the process name of the malware. Rather than creating filters and navigating hundreds of thousands of events, you can now navigate a visual diagram of the recorded malware activity.

ProcMon data can also be enriched by ingesting a pcap from a tool such as Wireshark into ProcDot.
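To show what ProcDot is doing under the hood, here is an added example (not ProcDot's own code) that reads a ProcMon CSV export, keeps only the selected process, classifies each event into the file, registry, network and process nodes ProcDot draws, and emits a Graphviz DOT graph. The CSV sample is constructed, and the column names are ProcMon's default export columns; the operation-to-node mapping is an assumption for illustration.

```python
"""Build a ProcDot-style activity graph from a ProcMon CSV export."""
import csv
import io
from collections import defaultdict

# Constructed sample of a ProcMon CSV export (default column set). Not real data.
SAMPLE_CSV = """\
"Time of Day","Process Name","PID","Operation","Path","Result","Detail"
"10:01:02.1","explorer.exe","1234","Process Create","C:\\Users\\a\\dropper.exe","SUCCESS","PID: 4321"
"10:01:02.5","dropper.exe","4321","CreateFile","C:\\Users\\a\\AppData\\Roaming\\svc.exe","SUCCESS","Desired Access: Write"
"10:01:02.6","dropper.exe","4321","RegSetValue","HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Run\\svc","SUCCESS","Type: REG_SZ"
"10:01:03.0","dropper.exe","4321","TCP Connect","host:49152 -> 203.0.113.10:443","SUCCESS","Length: 0"
"10:01:03.2","notepad.exe","777","CreateFile","C:\\Users\\a\\notes.txt","SUCCESS","Desired Access: Read"
"10:01:03.4","dropper.exe","4321","CreateFile","C:\\Windows\\System32\\kernel32.dll","NAME NOT FOUND","Desired Access: Read"
"""

# Assumed mapping of ProcMon operation names to the node classes drawn on the diagram.
OP_CLASS = {
    "CreateFile": "file", "WriteFile": "file", "ReadFile": "file",
    "RegSetValue": "registry", "RegCreateKey": "registry",
    "TCP Connect": "network", "TCP Send": "network", "UDP Send": "network",
    "Process Create": "process",
}

def build_graph(csv_text, process_name, successful_only=True):
    """Return {(class, path): set(operations)} for one process: every node is an
    artefact the selected process touched, which is ProcDot's process-centric view."""
    graph = defaultdict(set)
    for row in csv.DictReader(io.StringIO(csv_text)):
        if row["Process Name"].lower() != process_name.lower():
            continue  # ProcDot filters the capture to the selected process name
        if successful_only and row["Result"] != "SUCCESS":
            continue  # failed lookups (e.g. NAME NOT FOUND) are usually noise
        kind = OP_CLASS.get(row["Operation"])
        if kind is None:
            continue  # unmapped operations (QueryInformation etc.) stay off the diagram
        graph[(kind, row["Path"])].add(row["Operation"])
    return dict(graph)

def to_dot(graph, process_name):
    """Render the graph as Graphviz DOT so it can be viewed like ProcDot's diagram."""
    lines = ["digraph malware {", f'  "{process_name}" [shape=box];']
    for (kind, path), ops in sorted(graph.items(), key=lambda kv: kv[0]):
        label = f"{kind}: {path}".replace("\\", "\\\\").replace('"', '\\"')
        lines.append(f'  "{process_name}" -> "{label}" [label="{"/".join(sorted(ops))}"];')
    lines.append("}")
    return "\n".join(lines)

if __name__ == "__main__":
    print(to_dot(build_graph(SAMPLE_CSV, "dropper.exe"), "dropper.exe"))
```

Pipe the printed DOT into `dot -Tpng` to get a picture comparable to ProcDot's output; the persistence key, dropped file and outbound connection appear as separate nodes hanging off the process.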

Video by 13Cubed

Very good video!

TryHackMe video using ProcDot.