Hayabusa Logo

Hayabusa

0
Free
Visit Website

Hayabusa is a Windows event log fast forensics timeline generator and threat hunting tool created by the Yamato Security group in Japan. It is written in Rust, supports multi-threading for speed, and offers Sigma-compatible detection rules in YML format for easy customization and extensibility. It can be used for live analysis on single systems, offline analysis on multiple systems, or enterprise-wide threat hunting with Velociraptor, providing a consolidated CSV timeline output for analysis in various tools like LibreOffice, Timeline Explorer, Elastic Stack, and Timesketch.

FEATURES

ALTERNATIVES

Advanced computer forensics software with efficient features.

A tool for fixing acquired .evt Windows Event Log files in digital forensics.

A simple Golang application for storing NIST National Software Reference Library Reference Data Set (NSRL RDS) with md5 and sha1 hash lookup searches.

A comprehensive incident response tool for Windows computers, providing advanced memory forensics and access to locked systems.

dc3dd is a patch to the GNU dd program, tailored for forensic acquisition with features like hashing and file verification.

View physical memory as files in a virtual file system for easy memory analysis and artifact access.

Python script to parse the NTFS USN Change Journal.

A tool for restoring defocused and blurred images with various deconvolution techniques and fast processing capabilities.