From d59d89ff41edb0669d351717376e61d34efc4422 Mon Sep 17 00:00:00 2001 From: user Date: Tue, 15 Nov 2022 15:02:49 +0100 Subject: [PATCH] minor --- small_challenges.md | 2 +- windows_forensics.md | 6 +++++- 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/small_challenges.md b/small_challenges.md index e0830ca..e7f958b 100644 --- a/small_challenges.md +++ b/small_challenges.md @@ -8,7 +8,7 @@ ### qrcode hidden message Öffentliche Nachricht: BPol-OCO-Challenge-2022 -XOR-Key: Komm-zur-Bundespolizei. +XOR-Key: Komm-zur-Bundespolizei.de ### mqtt password ref: http://noahdavids.org/self_published/CRC_and_checksum.html diff --git a/windows_forensics.md b/windows_forensics.md index b881877..1ae80d5 100644 --- a/windows_forensics.md +++ b/windows_forensics.md @@ -9,4 +9,8 @@ https://www.nist.gov/itl/ssd/software-quality-group/national-software-reference- ## fragments #### chrome parser -https://github.com/obsidianforensics/hindsightkali \ No newline at end of file +https://github.com/obsidianforensics/hindsightkali + +## malware runtime analysis +- ProcDot compines procmon and wireshark dumps into a GUI-based graph +https://cert.at/en/downloads/software/software-procdot \ No newline at end of file
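Review bot: In the small_challenges.md hunk, the new XOR-Key value `Komm-zur-Bundespolizei.de` is 25 characters, while the public message `BPol-OCO-Challenge-2022` on the line above it is 23, the same length as the old key. If the key is XORed against that message, the trailing `de` is never used. If it is applied to something else, the note does not say what. Add a line stating what the key is applied to and whether it repeats or is truncated, and say in the commit message (currently just "minor") why the key changed.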
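Review bot: In the windows_forensics.md hunk, the added bullet has a typo: `compines` should be `combines`. The ProcDot URL on the next line is not part of the bullet, so either indent it under the item or put it on the same line, or drop the bullet marker and use the heading-then-link layout of the chrome parser entry. The file also still ends without a newline, which is why the unchanged `hindsightkali` link shows as removed and re-added. End the file with a newline so the next append produces a clean diff.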