EN
ENNA

Chainsaw

GPL-3.0

🔬 Digital Forensics · Rust

Chainsaw is a tool for rapid forensic analysis of Windows artifacts such as event logs, Master File Table (MFT), and Shimcache leveraging Sigma rules. Developed in Rust, it provides efficient searching and threat hunting capabilities by parsing logs and artifacts to identify potential security incidents. Chainsaw is notable for its speed and ability to automate complex forensic tasks, aiding analysts in detecting and responding to threats quickly.

3.5kstars
296forks
10issues
Updated 4d ago
View on GitHub

Tags

windows-forensicsevent-logssigma-rulesthreat-huntingattackblueteamchainsawcounterceptdetectiondfirforensicslogsrustsecuritysigmawindows

Details

Category
🔬 Digital Forensics
Language
Rust
License
GPL-3.0
Platforms
🐧linux🍎macos🪟windows

Links

GitHub Repository

github.com/WithSecureLabs/chainsaw

Releases

github.com/WithSecureLabs/chainsaw/releases

Issues

github.com/WithSecureLabs/chainsaw/issues

Sponsored

Your ad here

Reach security professionals and developers — ads@en-na.com

More in Digital Forensics

Volatility 3

Python

Advanced memory forensics framework. Extracts artifacts from RAM dumps — processes, network connections, registry.

memoryram-dumpartifact-extraction

Autopsy

Java

Digital forensics platform with GUI. Disk image analysis, timeline analysis, keyword search, hash filtering.

disk-forensicsguitimeline

Ghidra

Java

NSA's reverse engineering framework. Disassembly, decompilation, graphing, and scripting for binary analysis.

reverse-engineeringdecompilerbinary-analysis

Binwalk

Python

Firmware analysis tool. Searches binary images for embedded files, executables, and file systems.

firmwarebinaryextraction

YARA

C

Pattern matching swiss knife for malware researchers. Create rules to identify and classify malware samples.

malwarepattern-matchingrules

Velociraptor

Go

Endpoint visibility and collection tool. Hunt for artifacts across thousands of endpoints simultaneously.

endpointhuntingdfir