{"payload":{"pageCount":1,"repositories":[{"type":"Public","name":"hayabusa","owner":"Yamato-Security","isFork":false,"description":"Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.","allTopics":["windows","rust","attack","detection","logs","event","threat","forensics","dfir","response","hunting","sigma","incident","yamato","hayabusa","security","incident-response","cybersecurity","threat-hunting","security-automation"],"primaryLanguage":{"name":"Rust","color":"#dea584"},"pullRequestCount":2,"issueCount":33,"starsCount":2046,"forksCount":177,"license":"GNU General Public License v3.0","participation":[30,38,40,33,42,31,26,12,14,23,38,15,4,15,2,3,28,30,15,17,10,9,23,5,0,35,6,0,3,14,11,2,48,27,3,38,28,15,17,0,8,0,7,8,23,10,9,10,11,8,14,15],"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-06-18T08:03:51.415Z"}},{"type":"Public","name":"hayabusa-encrypted-rules","owner":"Yamato-Security","isFork":false,"description":"Encrypted Hayabusa and Sigma rules to avoid anti-virus false positives","allTopics":[],"primaryLanguage":null,"pullRequestCount":0,"issueCount":1,"starsCount":0,"forksCount":0,"license":null,"participation":[],"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-06-18T07:36:07.255Z"}},{"type":"Public","name":"Presentations","owner":"Yamato-Security","isFork":false,"description":"","allTopics":[],"primaryLanguage":null,"pullRequestCount":0,"issueCount":0,"starsCount":13,"forksCount":2,"license":null,"participation":[0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,1,0,2,0,0,0,0,0,0,0,1,0],"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-06-11T10:59:36.899Z"}},{"type":"Public","name":"hayabusa-evtx","owner":"Yamato-Security","isFork":false,"description":"A fork of the evtx Rust crate for Hayabusa","allTopics":[],"primaryLanguage":{"name":"Rust","color":"#dea584"},"pullRequestCount":0,"issueCount":4,"starsCount":6,"forksCount":2,"license":"Apache License 2.0","participation":[0,0,0,0,1,0,7,0,0,4,1,0,4,5,0,0,0,0,2,0,2,0,2,0,0,0,2,0,0,0,3,0,0,2,4,0,0,0,0,2,1,0,0,4,0,0,0,0,0,0,2,0],"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-06-09T00:53:27.669Z"}},{"type":"Public","name":"hayabusa-rules","owner":"Yamato-Security","isFork":false,"description":"Curated Windows event log Sigma rules used in Hayabusa and Velociraptor.","allTopics":["windows","attack","log","analysis","event","dfir","mitre","sigma","hayabusa"],"primaryLanguage":null,"pullRequestCount":0,"issueCount":3,"starsCount":117,"forksCount":19,"license":"Other","participation":[13,38,4,6,4,1,4,3,4,3,4,5,4,0,3,3,5,2,4,5,8,6,3,6,1,26,2,2,2,6,38,5,10,3,3,5,2,4,4,28,4,0,10,6,6,1,4,4,3,10,1,0],"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-06-06T20:13:45.238Z"}},{"type":"Public","name":"sigma-to-hayabusa-converter","owner":"Yamato-Security","isFork":false,"description":"Tool to convert Windows event log based Sigma rules to Hayabusa compatible rules. ","allTopics":[],"primaryLanguage":{"name":"Python","color":"#3572A5"},"pullRequestCount":0,"issueCount":6,"starsCount":1,"forksCount":1,"license":"GNU General Public License v3.0","participation":[0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,8,0,0],"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-06-04T23:02:33.019Z"}},{"type":"Public","name":"takajo","owner":"Yamato-Security","isFork":false,"description":"Takajō (鷹匠) is a Hayabusa results analyzer.","allTopics":["windows","nim","log","analysis","event","nim-lang","hayabusa"],"primaryLanguage":{"name":"Nim","color":"#ffc200"},"pullRequestCount":1,"issueCount":15,"starsCount":59,"forksCount":4,"license":"GNU General Public License v3.0","participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-06-01T00:26:33.967Z"}},{"type":"Public","name":"suzaku-rules","owner":"Yamato-Security","isFork":false,"description":"","allTopics":[],"primaryLanguage":null,"pullRequestCount":0,"issueCount":0,"starsCount":1,"forksCount":1,"license":"Other","participation":[0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,4,0,8,0,0,0,0,0,0,0],"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-04-30T23:59:05.590Z"}},{"type":"Public","name":"EnableWindowsLogSettings","owner":"Yamato-Security","isFork":false,"description":"Documentation and scripts to properly enable Windows event logs.","allTopics":["windows","auditing","monitoring","logs","event","forensics","dfir","sysmon","sigma","hayabusa","security"],"primaryLanguage":{"name":"Batchfile","color":"#C1F12E"},"pullRequestCount":0,"issueCount":1,"starsCount":499,"forksCount":50,"license":"GNU General Public License v3.0","participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2023-09-20T04:32:53.250Z"}},{"type":"Public","name":".github","owner":"Yamato-Security","isFork":false,"description":"","allTopics":[],"primaryLanguage":null,"pullRequestCount":0,"issueCount":0,"starsCount":1,"forksCount":0,"license":null,"participation":[0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2023-08-01T01:20:37.898Z"}},{"type":"Public","name":"hayabusa-sample-evtx","owner":"Yamato-Security","isFork":false,"description":"Sample evtx files to use for testing hayabusa detection rules","allTopics":[],"primaryLanguage":null,"pullRequestCount":0,"issueCount":0,"starsCount":36,"forksCount":3,"license":null,"participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2023-05-17T17:36:11.783Z"}},{"type":"Public","name":"WELA","owner":"Yamato-Security","isFork":false,"description":"WELA (Windows Event Log Analyzer): The Swiss Army knife for Windows Event Logs! ゑ羅（ウェラ）","allTopics":["windows","log","analysis","timeline","logs","event","threat","forensics","dfir","response","hunting","sigma","incident"],"primaryLanguage":{"name":"PowerShell","color":"#012456"},"pullRequestCount":0,"issueCount":9,"starsCount":726,"forksCount":76,"license":"GNU General Public License v3.0","participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2023-02-03T23:45:28.196Z"}},{"type":"Public","name":"RustyBlue","owner":"Yamato-Security","isFork":false,"description":"RustyBlue is a rust implementation of DeepblueCLI, a forensics log analyzer for finding evidence of compromise from windows event logs.","allTopics":[],"primaryLanguage":{"name":"Rust","color":"#dea584"},"pullRequestCount":0,"issueCount":1,"starsCount":66,"forksCount":6,"license":"MIT License","participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2022-10-13T02:35:16.676Z"}}],"repositoryCount":13,"userInfo":null,"searchable":true,"definitions":[],"typeFilters":[{"id":"all","text":"All"},{"id":"public","text":"Public"},{"id":"source","text":"Sources"},{"id":"fork","text":"Forks"},{"id":"archived","text":"Archived"},{"id":"template","text":"Templates"}],"compactMode":false},"title":"Repositories"}