Incident Response
LogonTracer: Investigate malicious Windows logon by visualizing & analyzing Windows event log
LogonTracer uses PageRank and ChangeFinder to detect malicious hosts and accounts from the event log. This tool can visualize the following event id related to Windows...