Chainsaw
GPL-3.0馃敩 Digital Forensics 路 Rust
Chainsaw is a tool for rapid forensic analysis of Windows artifacts such as event logs, Master File Table (MFT), and Shimcache leveraging Sigma rules. Developed in Rust, it provides efficient searching and threat hunting capabilities by parsing logs and artifacts to identify potential security incidents. Chainsaw is notable for its speed and ability to automate complex forensic tasks, aiding analysts in detecting and responding to threats quickly.
Tags
Details
- Category
- 馃敩 Digital Forensics
- Language
- Rust
- Repository
- WithSecureLabs/chainsaw
- License
- GPL-3.0
- Platforms
- 馃惂linux馃崕macos馃獰windows
Links
Used in 2 Workflows
Community Reviews
More in Digital Forensics
Volatility 3
PythonAdvanced memory forensics framework. Extracts artifacts from RAM dumps - processes, network connections, registry.
Autopsy
JavaDigital forensics platform with GUI. Disk image analysis, timeline analysis, keyword search, hash filtering.
Ghidra
JavaNSA's reverse engineering framework. Disassembly, decompilation, graphing, and scripting for binary analysis.
Binwalk
PythonFirmware analysis tool. Searches binary images for embedded files, executables, and file systems.
YARA
CPattern matching swiss knife for malware researchers. Create rules to identify and classify malware samples.
Velociraptor
GoEndpoint visibility and collection tool. Hunt for artifacts across thousands of endpoints simultaneously.