View Issue Details
Field | Value |
---|---|
ID | 0007550 |
Project | Kali Linux |
Category | [All Projects] Queued Tool Addition |
View Status | public |
Date Submitted | 2022-01-29 01:56 |
Last Update | 2023-03-27 11:32 |
Reporter | doublezero |
Assigned To | |
Priority | normal |
Severity | minor |
Reproducibility | N/A |
Status | acknowledged |
Resolution | open |
Product Version | |
Target Version | |
Fixed in Version | |
Summary | 0007550: Chainsaw - Windows Event Log Parser (DFIR) |
Description

Name - Chainsaw
Version - Latest
Homepage - https://github.com/countercept/chainsaw

Chainsaw provides a powerful ‘first-response’ capability to quickly identify threats within Windows event logs. It offers a generic and fast method of searching through event logs for keywords, and by identifying threats using built-in detection logic and via support for Sigma detection rules.

Install - You can find pre-compiled versions of chainsaw in the releases section of this Github repo, or you can clone the repo (and the submodules) by running:

`git clone --recurse-submodules https://github.com/countercept/chainsaw.git`

You can then compile the code yourself by running: `cargo build --release`. Once the build has finished, you will find a copy of the compiled binary in the `target/release` folder. Make sure to build with the `--release` flag as this will ensure significantly faster execution time.
Note 0015937 (g0tmi1k, 2022-03-25 13:40)

@kali-team, please could this be packaged up. @author, If you want to help the packaging process, you can check the documentation here ~ https://www.kali.org/docs/development/public-packaging
Date Modified | Username | Field | Change |
---|---|---|---|
2022-01-29 01:56 | doublezero | New Issue | |
2022-03-25 13:40 | g0tmi1k | Note Added: 0015937 | |
2022-03-25 13:40 | g0tmi1k | Category | New Tool Requests => Queued Tool Addition |
2022-05-04 12:54 | g0tmi1k | Status | new => acknowledged |