Pinned Repositories
.github
EnableWindowsLogSettings
Documentation and scripts to properly enable Windows event logs.
hayabusa
Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.
hayabusa-evtx
A fork of the evtx Rust crate for Hayabusa
hayabusa-rules
Curated Windows event log Sigma rules used in Hayabusa and Velociraptor.
hayabusa-sample-evtx
Sample evtx files to use for testing Hayabusa detection rules.
Presentations
RustyBlue
RustyBlue is a Rust implementation of DeepBlueCLI, a forensics log analyzer for finding evidence of compromise in Windows event logs.
takajo
Takajō (鷹匠) is a Hayabusa results analyzer.
WELA
WELA (Windows Event Log Analyzer): The Swiss Army knife for Windows Event Logs! ゑ羅(ウェラ)
Yamato Security 大和セキュリティ's Repositories
Yamato-Security/hayabusa
Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.
Yamato-Security/WELA
WELA (Windows Event Log Analyzer): The Swiss Army knife for Windows Event Logs! ゑ羅(ウェラ)
Yamato-Security/EnableWindowsLogSettings
Documentation and scripts to properly enable Windows event logs.
Yamato-Security/hayabusa-rules
Curated Windows event log Sigma rules used in Hayabusa and Velociraptor.
Yamato-Security/RustyBlue
RustyBlue is a Rust implementation of DeepBlueCLI, a forensics log analyzer for finding evidence of compromise in Windows event logs.
Yamato-Security/takajo
Takajō (鷹匠) is a Hayabusa results analyzer.
Yamato-Security/hayabusa-sample-evtx
Sample evtx files to use for testing Hayabusa detection rules.
Yamato-Security/Presentations
Yamato-Security/hayabusa-evtx
A fork of the evtx Rust crate for Hayabusa
Yamato-Security/.github
Yamato-Security/suzaku-rules