Skip to content
@Yamato-Security

Yamato Security 大和セキュリティ

README.md

Hi there まいど! 👋

About Yamato Security

Yamato Security is a security group created by Zach Mathis (@yamatosecurity) in 2012. At first, the main purpose was to provide security training to build a local security community in Western Japan but has grown to provide training, CTF events, webinars, etc... across the country for thousands of people.

Now, with a group of volunteer members, we are providing free open source DFIR tools such as Hayabusa, WELA, Takajo, etc...

Please contact us if you want to help out and contribute.

Main Projects

Popular repositories Loading

  1. hayabusa hayabusa Public

    Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.

    Rust 2.3k 203

  2. WELA WELA Public

    WELA (Windows Event Log Analyzer): The Swiss Army knife for Windows Event Logs! ゑ羅(ウェラ)

    PowerShell 762 82

  3. EnableWindowsLogSettings EnableWindowsLogSettings Public

    Documentation and scripts to properly enable Windows event logs.

    Batchfile 553 51

  4. hayabusa-rules hayabusa-rules Public

    Curated Windows event log Sigma rules used in Hayabusa and Velociraptor.

    Python 142 23

  5. takajo takajo Public

    Takajō (鷹匠) is a Hayabusa results analyzer.

    Nim 89 7

  6. RustyBlue RustyBlue Public

    RustyBlue is a rust implementation of DeepblueCLI, a forensics log analyzer for finding evidence of compromise from windows event logs.

    Rust 68 6

Repositories

Showing 10 of 13 repositories
  • Presentations Public
    Yamato-Security/Presentations’s past year of commit activity
    14 2 0 0 Updated Nov 5, 2024
  • hayabusa-rules Public

    Curated Windows event log Sigma rules used in Hayabusa and Velociraptor.

    Yamato-Security/hayabusa-rules’s past year of commit activity
    Python 142 23 4 1 Updated Nov 5, 2024
  • hayabusa-sample-evtx Public

    Sample evtx files to use for testing hayabusa detection rules

    Yamato-Security/hayabusa-sample-evtx’s past year of commit activity
    44 3 0 0 Updated Nov 4, 2024
  • hayabusa-encoded-rules Public

    Encoded Hayabusa and Sigma rules to avoid anti-virus false positives and reduce files stored on target systems.

    Yamato-Security/hayabusa-encoded-rules’s past year of commit activity
    Rust 3 0 0 0 Updated Nov 4, 2024
  • hayabusa-evtx Public

    A fork of the evtx Rust crate for Hayabusa

    Yamato-Security/hayabusa-evtx’s past year of commit activity
    Rust 6 Apache-2.0 2 4 0 Updated Nov 4, 2024
  • hayabusa Public

    Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.

    Yamato-Security/hayabusa’s past year of commit activity
    Rust 2,282 AGPL-3.0 203 37 1 Updated Nov 2, 2024
  • takajo Public

    Takajō (鷹匠) is a Hayabusa results analyzer.

    Yamato-Security/takajo’s past year of commit activity
    Nim 89 AGPL-3.0 7 18 0 Updated Oct 31, 2024
  • sigma-to-hayabusa-converter Public

    Documentation and tools to curate Sigma rules for Windows event logs into easier to parse rules.

    Yamato-Security/sigma-to-hayabusa-converter’s past year of commit activity
    Python 5 GPL-3.0 0 6 0 Updated Oct 14, 2024
  • suzaku-rules Public
    Yamato-Security/suzaku-rules’s past year of commit activity
    1 1 0 0 Updated Apr 30, 2024
  • EnableWindowsLogSettings Public

    Documentation and scripts to properly enable Windows event logs.

    Yamato-Security/EnableWindowsLogSettings’s past year of commit activity
    Batchfile 553 GPL-3.0 51 1 0 Updated Sep 20, 2023
View all repositories

People

This organization has no public members. You must be a member to see who’s a part of this organization.