Skip to content
@Yamato-Security

Yamato Security 大和セキュリティ

README.md

Hi there まいど! 👋

About Yamato Security

Yamato Security is a security group created by Zach Mathis (@yamatosecurity) in 2012. At first, the main purpose was to provide security training to build a local security community in Western Japan but has grown to provide training, CTF events, webinars, etc... across the country for thousands of people.

Now, with a group of volunteer members, we are providing free open source DFIR tools such as Hayabusa, WELA, Takajo, etc...

Please contact us if you want to help out and contribute.

Main Projects

Popular repositories Loading

  1. hayabusa hayabusa Public

    Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.

    Rust 2.5k 218

  2. WELA-deprecated WELA-deprecated Public

    WELA (Windows Event Log Analyzer): The Swiss Army knife for Windows Event Logs! ゑ羅(ウェラ)

    PowerShell 780 82

  3. EnableWindowsLogSettings EnableWindowsLogSettings Public

    Documentation and scripts to properly enable Windows event logs.

    Batchfile 602 53

  4. hayabusa-rules hayabusa-rules Public

    Curated Windows event log Sigma rules used in Hayabusa and Velociraptor.

    Python 168 26

  5. takajo takajo Public

    Takajō (鷹匠) is a Hayabusa results analyzer.

    Nim 114 7

  6. RustyBlue RustyBlue Public

    RustyBlue is a rust implementation of DeepblueCLI, a forensics log analyzer for finding evidence of compromise from windows event logs.

    Rust 72 6

Repositories

Showing 10 of 15 repositories
  • suzaku Public
    Yamato-Security/suzaku’s past year of commit activity
    Rust 3 GPL-3.0 2 7 1 Updated Apr 19, 2025
  • suzaku-rules Public
    Yamato-Security/suzaku-rules’s past year of commit activity
    2 1 0 1 Updated Apr 18, 2025
  • hayabusa-encoded-rules Public

    Encoded Hayabusa and Sigma rules to avoid anti-virus false positives and reduce files stored on target systems.

    Yamato-Security/hayabusa-encoded-rules’s past year of commit activity
    Rust 7 0 0 0 Updated Apr 18, 2025
  • WELA Public

    Windows Event Log Auditor

    Yamato-Security/WELA’s past year of commit activity
    PowerShell 6 GPL-3.0 1 10 1 Updated Apr 18, 2025
  • hayabusa-rules Public

    Curated Windows event log Sigma rules used in Hayabusa and Velociraptor.

    Yamato-Security/hayabusa-rules’s past year of commit activity
    Python 168 26 4 0 Updated Apr 17, 2025
  • takajo Public

    Takajō (鷹匠) is a Hayabusa results analyzer.

    Yamato-Security/takajo’s past year of commit activity
    Nim 114 AGPL-3.0 7 24 0 Updated Apr 12, 2025
  • hayabusa Public

    Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.

    Yamato-Security/hayabusa’s past year of commit activity
    Rust 2,547 AGPL-3.0 218 38 1 Updated Apr 12, 2025
  • Presentations Public
    Yamato-Security/Presentations’s past year of commit activity
    18 2 0 0 Updated Apr 3, 2025
  • hayabusa-evtx Public

    A fork of the evtx Rust crate for Hayabusa

    Yamato-Security/hayabusa-evtx’s past year of commit activity
    Rust 7 Apache-2.0 2 4 0 Updated Mar 31, 2025
  • sigma-to-hayabusa-converter Public

    Documentation and tools to curate Sigma rules for Windows event logs into easier to parse rules.

    Yamato-Security/sigma-to-hayabusa-converter’s past year of commit activity
    Python 12 GPL-3.0 0 4 0 Updated Feb 6, 2025
View all repositories

People

This organization has no public members. You must be a member to see who’s a part of this organization.