Hayabusa

Free
Hayabusa is a Windows event log fast forensics timeline generator and threat hunting tool created by the Yamato Security group in Japan. It is written in Rust, supports multi-threading for speed, and offers Sigma-compatible detection rules in YML format for easy customization and extensibility. It can be used for live analysis on single systems, offline analysis on multiple systems, or enterprise-wide threat hunting with Velociraptor, providing a consolidated CSV timeline output for analysis in various tools like LibreOffice, Timeline Explorer, Elastic Stack, and Timesketch.

ALTERNATIVES

Tool for parsing NTFS journal files, $Logfile, and $MFT.

Visually inspect regex matches in binary data/text with YARA and regular expressions, displaying matched bytes and surrounding context.

A library to access and parse Windows XML Event Log (EVTX) format, useful for digital forensics and incident response.

An open source format for storing digital evidence and data, with a C/C++ library for creating, reading, and manipulating AFF4 images.

TestDisk is a free data recovery software that can recover lost partitions and undelete files from various file systems.

Turbinia is an open-source framework for automating the running of common forensic processing tools to help with processing evidence in the Cloud.

A command-line utility for extracting human-readable text from binary files.

Online platform for image steganography analysis.
