Chainsaw Logo

Chainsaw

0
Free
Updated 11 March 2025
Digital Forensics
Forensic Analysis
Event Logs
Visit Website

Chainsaw provides a powerful 'first-response' capability to quickly identify threats within Windows forensic artefacts such as Event Logs and the MFT file. It offers a generic and fast method of searching through event logs for keywords, and by identifying threats using built-in support for Sigma detection rules, and via custom Chainsaw detection rules. Features include hunting for threats using Sigma detection rules and custom Chainsaw detection rules, searching and extracting forensic artefacts by string matching and regex patterns, creating execution timelines by analyzing Shimcache artefacts and enriching them with Amcache data, analyzing the SRUM database, dumping the raw content of forensic artefacts (MFT, registry hives, ESE databases), lightning-fast performance, clean and lightweight execution and output formats, document tagging provided by the TAU Engine Library, and outputting results in various formats like ASCII table, CSV, and JSON. It can be run on MacOS and Linux.

FEATURES

EXPLORE BY TAGS

Forensic Analysis

Event Logs

SIMILAR TOOLS

malscan Logo
malscan

Malscan is a tool to scan process memory for YARA matches and execute Python scripts.

Free
Digital Forensics
libfsapfs Logo
libfsapfs

A library and tools to access and analyze APFS file systems

Free
Digital Forensics
Incident Response & Computer Forensics, Third Edition Logo
Incident Response & Computer Forensics, Third Edition

A comprehensive guide to incident response and computer forensics, covering the entire lifecycle of incident response and remediation.

Free
Digital Forensics
Exterro Logo
Exterro

Exterro is a data risk management platform that optimizes e-discovery, digital forensics, and cybersecurity compliance operations.

Commercial
Digital Forensics
Hayabusa Logo
Hayabusa

Windows event log fast forensics timeline generator and threat hunting tool.

Free
Digital Forensics
bugcrowd-levelup-subdomain-enumeration Logo
bugcrowd-levelup-subdomain-enumeration

A repository containing material from a talk on sub-domain enumeration techniques

Free
Digital Forensics
Penguin OS Forensic (or Flight) Recorder (POFR) Logo
Penguin OS Forensic (or Flight) Recorder (POFR)

Collects and organizes Linux OS data for detailed analysis and incident response.

Free
Digital Forensics
Digital Forensics Artifacts Repository Logo
Digital Forensics Artifacts Repository

A community-sourced repository of digital forensic artifacts in YAML format.

Free
Digital Forensics
SmartDeblur 1.27 Logo
SmartDeblur 1.27

A tool for restoring defocused and blurred images with various deconvolution techniques and fast processing capabilities.

Free
Digital Forensics

PINNED

Mandos Logo

Mandos

Fractional CISO service that helps B2B companies implement security leadership to win enterprise deals, achieve compliance, and develop strategic security programs.

Consulting
Checkmarx SCA Logo

Checkmarx SCA

A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Application Security
Orca Security Logo

Orca Security

A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

Cloud Security
DryRun Logo

DryRun

A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.

Application Security
CyberSecTools logoCyberSecTools

Explore the largest curated directory of cybersecurity tools and resources to enhance your security practices. Find the right solution for your domain.

Operated by:

Mandos Cyber • KVK: 97994448

Netherlands • contact@mandos.io

VAT: NL005301434B12

Copyright © 2025 - All rights reserved

LINKS
BlogContact
LEGAL
Terms of servicesPrivacy policy