Your download link is at the very bottom of the page... always.


Processed through Paypal
No account required.

Donate Bitcoin to this wallet:
 1KkUMXvQ2ko3xcJkzitB7WYgoW6m79WFfm
 Donate Ethereum to this wallet:
 0x40E56922F43637224935CDC35e2c96E0392A8505
 Donate Litecoin to this wallet:
 LLYAFEyqjH69gkyCEpRjXNyedRCWrVChfL

Buy our over-priced crap to help keep things running.
Take No CrapwareOG Dad CapNo Password


Join our Facebook groupFollow us on TwitterFollow us on InstagramOur RSS FeedJoin us on TikTokJoin us on LinkedIn


 Home » OlderGeeks.com Freeware Downloads » Searching Files   
Search Results
Files
  File Name Rating Downloads
Last Update/Developer
Chainsaw v2.5.0
Chainsaw v2.5.0 Rapidly Search and Hunt through Windows Event Logs Chainsaw provides a powerful ‘first-response’ capability to quickly identify threats within Windows event logs. It offers a generic and fast method of searching through event logs for keywords, and by identifying threats using built-in detection logic and via support for Sigma detection rules. Features 🔍 Search and extract event log records by event IDs, string matching, and regex patterns 🎯 Hunt for threats using Sigma detection rules and custom built-in detection logic ⚡ Lightning fast, written in rust, wrapping the EVTX parser library by @OBenamram 🔥 Document tagging (detection logic matching) provided by the TAU Engine Library 📑 Output in an ASCII table format, CSV format, or JSON format Hunting Logic Sigma Rule Matching Using the --rules and --mapping parameters you can specify a directory containing a subset of SIGMA detection rules (or just the entire SIGMA git repo) and chainsaw will automatically load, convert and run these rules against the provided event logs. The mapping file tells chainsaw what event IDs to run the detection rules against, and what fields are relevant. By default the following event IDs are supported: Built-In Logic Extraction and parsing of Windows Defender, F-Secure, Sophos, and Kaspersky AV alerts Detection of key event logs being cleared, or the event log service being stopped Users being created or added to sensitive user groups Brute-force of local user accounts RDP Logins You can specify the --lateral-all flag to chainsaw to also parse and extract additional 4624 logon types (network logons, service, batch etc.) relating to potential lateral movement that may be interesting for investigations. Getting Started You can use the pre-compiled versions of chainsaw ...		 5/5 2,516 Mar 17, 2023
F-Secure Countercept
   
Showing rows 1 to 1 of 1 Showing Page 1 of 1  1 


OlderGeeks.com Copyright (c) 2024