Event Log Chainsaw Massacre - Powerful Threat Detection

Поделиться
HTML-код
  • Опубликовано: 25 дек 2024

Комментарии • 26

  • @yannickleroy7419
    @yannickleroy7419 3 года назад +6

    Not sure why this was in my recommended, but it was actually quite interesting. Thank's for showcasing this, subbed!

  • @mallikab8707
    @mallikab8707 2 года назад +1

    Awesome 👌 Thank for your time and I will explore more on this.

  • @castle228
    @castle228 3 года назад +3

    Going to have to add this tool to the repertoire

  • @lonegunmen85
    @lonegunmen85 2 года назад +1

    Awsome! Thanks for sharing the knowlege

  • @orlandop4sun
    @orlandop4sun Год назад

    Great job on this video.. súper profesional

  • @rogerioabreu3081
    @rogerioabreu3081 3 года назад +3

    awesome. thnx

  • @NetworkITguy
    @NetworkITguy 3 года назад +3

    This with velociraptor is gg

    • @sulthansk6444
      @sulthansk6444 3 года назад

      @@Lordyzagat velociraptor ir tool

  • @adrianguerrero9583
    @adrianguerrero9583 2 года назад +2

    can you also do a preview/walkthrough for the Hayabusa tool by Yamato-Security.
    it looks like they are almost the same.

  • @benw4529
    @benw4529 2 года назад

    What happen to the syntax the commands to not work

  • @shadisukkar
    @shadisukkar 4 месяца назад

    Hello 13Cubed.
    Thank you for this amazing video.
    I have a couple of questions regarding Chainsaw.
    Does Chainsaw work with Windows logs only, or does it work with other OS logs?
    Also, can it take (.json) logs or plain text logs (.log) as an input? Or is it specific for .evtx logs only?

    • @13Cubed
      @13Cubed  4 месяца назад

      It's a cross-platform tool, but it's designed for Windows forensic artifacts. And yes, Chainsaw v2 introduces "support for loading and parsing Event Logs in both JSON and XML format."

    • @shadisukkar
      @shadisukkar 4 месяца назад

      @@13Cubed Thank you.

  • @amirhosseinhemmati9290
    @amirhosseinhemmati9290 5 месяцев назад

    can you please provide a link to log database that you used

    • @13Cubed
      @13Cubed  5 месяцев назад

      Hi, unfortunately that test database has been long since removed.

  • @otvs5838
    @otvs5838 2 года назад +1

    Please share the Latest and safest source link to download chainsaw .

    • @13Cubed
      @13Cubed  2 года назад +1

      github.com/WithSecureLabs/chainsaw/releases

  • @samjohn1098
    @samjohn1098 3 года назад

    Pretty cool.. Nice

  • @artember1200
    @artember1200 2 года назад

    does this require sysmon to be effective?

    • @13Cubed
      @13Cubed  2 года назад

      No, but Sysmon is certainly highly beneficial.

  • @Revoc
    @Revoc Год назад

    This seems to be out of date now with their update.

    • @13Cubed
      @13Cubed  Год назад

      Such is life with RUclips... will consider making an update at some point.

  • @Niteshkumar223-c2u
    @Niteshkumar223-c2u 10 месяцев назад

    none of these commands work for me. amazing

    • @13Cubed
      @13Cubed  10 месяцев назад

      What error do you receive when you try? I need a little more detail if you want to solve the issue.

Следующие
Автовоспроизведение
Impacket Impediments - Finding Evil in Event Logs39:25Impacket Impediments - Finding Evil in Event Logs
Impacket Impediments - Finding Evil in Event Logs13Cubed
Просмотров 8 тыс.
User Access Logging (UAL) Forensics16:59User Access Logging (UAL) Forensics
User Access Logging (UAL) Forensics13Cubed
Просмотров 9 тыс.
Hunting Hackers via Log Analysis!7:58Hunting Hackers via Log Analysis!
Hunting Hackers via Log Analysis!Tyler Ramsbey || Hack Smarter
Просмотров 1,5 тыс.
The Aston Martin Valkyrie Is a $4.5 Million Insane Hypercar31:53The Aston Martin Valkyrie Is a $4.5 Million Insane Hypercar
The Aston Martin Valkyrie Is a $4.5 Million Insane HypercarDoug DeMuro
Просмотров 566 тыс.
Hey.. long time no see01:48Hey.. long time no see
Hey.. long time no seeCoryxKenshin
Просмотров 14 млн
BABYMONSTER - 'Love In My Heart' M/V03:52BABYMONSTER - 'Love In My Heart' M/V
BABYMONSTER - 'Love In My Heart' M/VBABYMONSTER
Просмотров 11 млн
I DEFEATED BLOX FRUIT 🐲DRAGON UPDATE!!🐲18:36I DEFEATED BLOX FRUIT 🐲DRAGON UPDATE!!🐲
I DEFEATED BLOX FRUIT 🐲DRAGON UPDATE!!🐲Kitt Gaming
Просмотров 1,3 млн
Finding Evil with YARA17:57Finding Evil with YARA
Finding Evil with YARA13Cubed
Просмотров 24 тыс.
Hayabusa | Windows Event Log Threat Hunting Tool6:55Hayabusa | Windows Event Log Threat Hunting Tool
Hayabusa | Windows Event Log Threat Hunting ToolMyDFIR
Просмотров 4,7 тыс.
Let's Talk About NTFS Index Attributes10:52Let's Talk About NTFS Index Attributes
Let's Talk About NTFS Index Attributes13Cubed
Просмотров 7 тыс.
SANS DFIR Webcast - Incident Response Event Log Analysis48:50SANS DFIR Webcast - Incident Response Event Log Analysis
SANS DFIR Webcast - Incident Response Event Log AnalysisSANS Digital Forensics and Incident Response
Просмотров 83 тыс.
Let's Talk About Shimcache - The Most Misunderstood Artifact21:51Let's Talk About Shimcache - The Most Misunderstood Artifact
Let's Talk About Shimcache - The Most Misunderstood Artifact13Cubed
Просмотров 14 тыс.
The Case of the Disappearing Scheduled Task12:52The Case of the Disappearing Scheduled Task
The Case of the Disappearing Scheduled Task13Cubed
Просмотров 7 тыс.
Hunt for Hackers with Velociraptor13:51Hunt for Hackers with Velociraptor
Hunt for Hackers with VelociraptorJohn Hammond
Просмотров 99 тыс.
Detecting NTDS.DIT Theft - ESENT Event Logs8:41Detecting NTDS.DIT Theft - ESENT Event Logs
Detecting NTDS.DIT Theft - ESENT Event Logs13Cubed
Просмотров 7 тыс.
The ABCs of WMI - Finding Evil in Plain Sight15:56The ABCs of WMI - Finding Evil in Plain Sight
The ABCs of WMI - Finding Evil in Plain Sight13Cubed
Просмотров 18 тыс.
👶 СУМАСШЕДШИЙ РЕБЁНОК ВЗОРВАЛ ПЛАНЕТУ 😜 Who's Your Daddy КОТЁНОК ЛАЙК и КИРЮХА13:58👶 СУМАСШЕДШИЙ РЕБЁНОК ВЗОРВАЛ ПЛАНЕТУ 😜 Who's Your Daddy КОТЁНОК ЛАЙК и КИРЮХА
👶 СУМАСШЕДШИЙ РЕБЁНОК ВЗОРВАЛ ПЛАНЕТУ 😜 Who's Your Daddy КОТЁНОК ЛАЙК и КИРЮХАКОТЁНОК ЛАЙК
Просмотров 103 тыс.
Владимир Ильич Мороз00:18Владимир Ильич Мороз
Владимир Ильич МорозНовостной Гусь
Просмотров 443 тыс.
Kazakistan'da yolcu uçağı düştü: Sağ kurtulanlar var01:30Kazakistan'da yolcu uçağı düştü: Sağ kurtulanlar var
Kazakistan'da yolcu uçağı düştü: Sağ kurtulanlar varİlke Haber Ajansı
Просмотров 132 тыс.
SON DƏQİQƏ!!! AZAL-ın Bakı-Qroznı sərnişin təyyarəsi qəzaya uğrayıb10:01SON DƏQİQƏ!!! AZAL-ın Bakı-Qroznı sərnişin təyyarəsi qəzaya uğrayıb
SON DƏQİQƏ!!! AZAL-ın Bakı-Qroznı sərnişin təyyarəsi qəzaya uğrayıbREAL TV
Просмотров 408 тыс.
Момент падения самолета вблизи Актау00:20Момент падения самолета вблизи Актау
Момент падения самолета вблизи АктауKhabar NEWS
Просмотров 368 тыс.
🏠КУПИЛИ СТАРУЮ ДАЧУ😱 ВСЕ ТВЕРДЯТ ЕЕ НЕ СПАСТИ👷‍♀️50:51🏠КУПИЛИ СТАРУЮ ДАЧУ😱 ВСЕ ТВЕРДЯТ ЕЕ НЕ СПАСТИ👷‍♀️
🏠КУПИЛИ СТАРУЮ ДАЧУ😱 ВСЕ ТВЕРДЯТ ЕЕ НЕ СПАСТИ👷‍♀️Ekaterina Pankova
Просмотров 49 тыс.
В небе сбили самолет AZAL - ШОКИРУЮЩИЕ ПОДРОБНОСТИ00:53В небе сбили самолет AZAL - ШОКИРУЮЩИЕ ПОДРОБНОСТИ
В небе сбили самолет AZAL - ШОКИРУЮЩИЕ ПОДРОБНОСТИReport AZ
Просмотров 55 тыс.
Factory Assembly Line, Water Transfer #hydrographic #craftshorts #printing #DIY #shorts00:56Factory Assembly Line, Water Transfer #hydrographic #craftshorts #printing #DIY #shorts
Factory Assembly Line, Water Transfer #hydrographic #craftshorts #printing #DIY #shortsHYDRO DIPPING ARTIST
Просмотров 642 тыс.