Repository navigation

#

hayabusa

Website
Wikipedia

Yamato-Security / hayabusa

Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.

dfir threat hunting Windows event logs Rust sigma detection attack forensics incident response hayabusa yamato 安全 Cybersecurity incident-response security-automation threat-hunting

Rust

2775

240

4 天前

Yamato-Security / EnableWindowsLogSettings

Documentation and scripts to properly enable Windows event logs.

auditing dfir event forensics hayabusa logs 监控安全 sigma sysmon Windows

Batchfile

624

55

2 年前

Yamato-Security / hayabusa-rules

Curated Windows event log Sigma rules used in Hayabusa and Velociraptor.

Windows dfir event log analysis sigma hayabusa mitre attack

Python

194

25

3 天前

Yamato-Security / takajo

Takajō (鷹匠) is a Hayabusa results analyzer.

analysis event hayabusa log Windows Nim

Nim

135

9

18 天前

acquiredsecurity / forensic-timeliner

A high-speed forensic timeline engine for Windows forensic artifact CSV output built for DFIR investigators. Quickly consolidate CSV output from processed triage evidence for Eric Zimmerman (EZ Tools) Kape, Axiom, Hayabusa, Chainsaw and Nirsoft into a unified timeline.

chainsaw digital-forensics-incident-response forensic-analysis forensics-investigations forensics-tools hayabusa timelines YAML

C#

121

12

1 个月前

Digital-Defense-Institute / openrelik-pipeline

Pipeline that allows sending forensic artifacts to OpenRelik for automatic processing

dfir dfir-automation hayabusa incident-response Cybersecurity secops 安全 security-automation

Python

31

3

3 个月前

kidrek / secubian

SECUBIAN is a French Linux distribution focused on evidence processing during Incident Response.

ansible-playbook elastic suricata hayabusa volatility sigma yara spiderfoot drawio notebook-jupyter n8n sphinx-doc

Python

5

3

10 天前

mf1d3l / HayabusaToWinEventLog

Hayabusa to the SIEM made easy

hayabusa incident-response siem threat-hunting detection-engineering blue-team

PowerShell

4

0

3 个月前

rpfilomeno / darahata

Lazy Windows event log fast forensics timeline generator and threat hunting script.

blueteam detection dfir-automation forensics hayabusa Rust 安全 siem sigma threat-hunting Windows

Batchfile

0

0

8 个月前

TobiasS1402 / hayabusa-docker

Running https://github.com/Yamato-Security/hayabusa in a Docker container with a Flask API wrapped around for on-demand cloud functions

Docker Flask functions hayabusa security-automation

Python

0

0

2 年前