event-logs

3 tools and resources

Powerful tool for searching and hunting through Windows forensic artefacts with support for Sigma detection rules and custom Chainsaw detection rules.

A repository providing guidance on collecting security-relevant Windows event logs using Windows Event Forwarding (WEF).

Investigate malicious logons by visualizing and analyzing Windows Active Directory event logs with LogonTracer.