jklepsercyber / defender-detectionhistory-parser

A parser for Windows Defender's DetectionHistory forensic artifact, which contains substantial information about quarantined files and executables.
GNU General Public License v3.0

wip - add guid, initial section parsing #1

Closed jklepsercyber closed 2 years ago

jklepsercyber commented 2 years ago

wip - add guid, initial section parsing