Yamato Security 大和セキュリティ

.github

EnableWindowsLogSettings

Documentation and scripts to properly enable Windows event logs.

hayabusa

Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.

hayabusa-evtx

A fork of the evtx Rust crate for Hayabusa

hayabusa-rules

Curated Windows event log Sigma rules used in Hayabusa and Velociraptor.

hayabusa-sample-evtx

Sample evtx files to use for testing hayabusa detection rules

Presentations

RustyBlue

RustyBlue is a rust implementation of DeepblueCLI, a forensics log analyzer for finding evidence of compromise from windows event logs.

takajo

Takajō (鷹匠) is a Hayabusa results analyzer.

WELA

WELA (Windows Event Log Analyzer): The Swiss Army knife for Windows Event Logs! ゑ羅（ウェラ）

Yamato-Security/hayabusa

Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.

Yamato-Security/WELA

WELA (Windows Event Log Analyzer): The Swiss Army knife for Windows Event Logs! ゑ羅（ウェラ）

Yamato-Security/EnableWindowsLogSettings

Documentation and scripts to properly enable Windows event logs.

Yamato-Security/hayabusa-rules

Curated Windows event log Sigma rules used in Hayabusa and Velociraptor.

Yamato-Security/RustyBlue

RustyBlue is a rust implementation of DeepblueCLI, a forensics log analyzer for finding evidence of compromise from windows event logs.

Yamato-Security/takajo

Takajō (鷹匠) is a Hayabusa results analyzer.

Yamato-Security/hayabusa-sample-evtx

Sample evtx files to use for testing hayabusa detection rules

Yamato-Security/Presentations

Yamato-Security/hayabusa-evtx

A fork of the evtx Rust crate for Hayabusa

Yamato-Security/.github

Yamato-Security/suzaku-rules