Yamato Security 大和セキュリティ

All

20 repositories

hayabusa-encoded-rules
Public
Encoded Hayabusa and Sigma rules to avoid anti-virus false positives and reduce files stored on target systems.
Rust
•
Other
•0•9•1•0•Updated Jan 10, 2026Jan 10, 2026
WELA
Public
Windows Event Log Auditor
PowerShell
•
MIT License
•3•63•5•0•Updated Jan 10, 2026Jan 10, 2026
EventLog-Baseline-Guide
Public
Windows Event Log Audit Configuration Baselines and Guidelines. Automated monitoring of audit policy settings across different security frameworks.
Batchfile
•
MIT License
•2•8•0•0•Updated Jan 9, 2026Jan 9, 2026
hayabusa-rules
Public
Curated Windows event log Sigma rules used in Hayabusa and Velociraptor.
windows attack log analysis event dfir mitre sigma hayabusa
Python
•
Other
•26•212•3•0•Updated Dec 25, 2025Dec 25, 2025
takajo
Public
Takajō (鷹匠) is a Hayabusa results analyzer.
windows nim log analysis event nim-lang hayabusa
Nim
•
GNU Affero General Public License v3.0
•9•149•17•0•Updated Dec 19, 2025Dec 19, 2025
hayabusa
Public
Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.
windows rust security attack detection incident-response logs event threat forensics
Rust
•
GNU Affero General Public License v3.0
•259•3k•35•0•Updated Dec 15, 2025Dec 15, 2025
hayabusa-evtx
Public
A fork of the evtx Rust crate for Hayabusa
Rust
•
Apache License 2.0
•2•12•4•1•Updated Dec 13, 2025Dec 13, 2025
suzaku-rules
Public
Other
•2•12•1•1•Updated Dec 9, 2025Dec 9, 2025
suzaku
Public
Suzaku (朱雀) is a sigma-based threat hunting and fast forensics timeline generator for cloud logs.
aws security engineering monitoring log azure detection gcp id threat
Rust
•
GNU Affero General Public License v3.0
•8•162•3•0•Updated Dec 7, 2025Dec 7, 2025
Presentations
Public
2•20•0•0•Updated Nov 19, 2025Nov 19, 2025
hayabusa-sample-evtx
Public
Sample evtx files to use for testing hayabusa detection rules
5•64•0•0•Updated Nov 5, 2025Nov 5, 2025
IT-Yokai
Public
Collection of IT Yōkai (妖怪) (traditional Japanese supernatural beings)
Other
•1•7•0•0•Updated Oct 31, 2025Oct 31, 2025
sigma-to-hayabusa-converter
Public
Documentation and tools to curate Sigma rules for Windows event logs into easier to parse rules.
Python
•
GNU General Public License v3.0
•0•16•4•0•Updated Oct 22, 2025Oct 22, 2025
WELA-RulesGenerator
Public
This repository generates rules to be used with WELA for auditing Windows event log audit settings.
Rust
•
GNU General Public License v3.0
•0•5•0•0•Updated Oct 9, 2025Oct 9, 2025
EnableWindowsLogSettings
Public
Documentation and scripts to properly enable Windows event logs.
windows security auditing monitoring logs event forensics dfir sysmon sigma
Batchfile
•
GNU General Public License v3.0
•58•651•3•0•Updated Oct 3, 2025Oct 3, 2025
suzaku-sample-data
Public
Sample cloud logs to test with Suzaku.
2•4•0•0•Updated Sep 29, 2025Sep 29, 2025
sigma-rust
Public
A fork of the Rust library for parsing and evaluating Sigma rules
Rust
•
Apache License 2.0
•7•1•1•0•Updated Jul 28, 2025Jul 28, 2025
.github
Public
0•1•0•0•Updated Apr 21, 2025Apr 21, 2025
WELA-deprecated
Public
WELA (Windows Event Log Analyzer): The Swiss Army knife for Windows Event Logs! ゑ羅（ウェラ）
windows log analysis timeline logs event threat forensics dfir response
PowerShell
•
GNU General Public License v3.0
•82•781•9•0•Updated Feb 3, 2023Feb 3, 2023
RustyBlue
Public archive
RustyBlue is a rust implementation of DeepblueCLI, a forensics log analyzer for finding evidence of compromise from windows event logs.
Rust
•
MIT License
•6•72•0•0•Updated Oct 13, 2022Oct 13, 2022