@Yamato-Security

Yamato Security 大和セキュリティ

Hi there まいど! 👋

About Yamato Security

Yamato Security is a security group created by Zach Mathis (@yamatosecurity) in 2012. At first, its main purpose was to provide security training to build a local security community in Western Japan, but it has since grown to provide training, CTF events, webinars, etc. across the country for thousands of people.

Now, with a group of volunteer members, we provide free, open-source DFIR tools such as Hayabusa, WELA, Takajo, etc.

Please contact us if you want to help out and contribute.

Main Projects

Popular repositories

  1. hayabusa Public

    Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.

    Rust 2.5k 215

  2. WELA-deprecated Public

    WELA (Windows Event Log Analyzer): The Swiss Army knife for Windows Event Logs! ゑ羅(ウェラ)

    PowerShell 781 83

  3. EnableWindowsLogSettings Public

    Documentation and scripts to properly enable Windows event logs.

    Batchfile 596 53

  4. hayabusa-rules Public

    Curated Windows event log Sigma rules used in Hayabusa and Velociraptor.

    Python 165 25

  5. takajo Public

    Takajō (鷹匠) is a Hayabusa results analyzer.

    Nim 109 7

  6. RustyBlue Public

    RustyBlue is a Rust implementation of DeepBlueCLI, a forensics log analyzer for finding evidence of compromise from Windows event logs.

    Rust 72 6

Repositories

Showing 10 of 15 repositories
  • hayabusa-encoded-rules Public

    Encoded Hayabusa and Sigma rules to avoid anti-virus false positives and reduce files stored on target systems.

    Rust 7 0 0 0 Updated Mar 21, 2025
  • suzaku Public
    Rust 1 GPL-3.0 1 7 0 Updated Mar 21, 2025
  • WELA Public

    Windows Event Log Auditor

    PowerShell 4 GPL-3.0 1 10 1 Updated Mar 21, 2025
  • hayabusa Public

    Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.

    Rust 2,509 AGPL-3.0 215 41 1 Updated Mar 20, 2025
  • hayabusa-rules Public

    Curated Windows event log Sigma rules used in Hayabusa and Velociraptor.

    Python 165 25 4 0 Updated Mar 20, 2025
  • hayabusa-evtx Public

    A fork of the evtx Rust crate for Hayabusa

    Rust 7 Apache-2.0 2 4 0 Updated Mar 11, 2025
  • takajo Public

    Takajō (鷹匠) is a Hayabusa results analyzer.

    Nim 109 AGPL-3.0 7 24 1 Updated Feb 27, 2025
  • sigma-to-hayabusa-converter Public

    Documentation and tools to curate Sigma rules for Windows event logs into easier to parse rules.

    Python 11 GPL-3.0 0 3 0 Updated Feb 6, 2025
  • Presentations Public
    18 2 0 0 Updated Nov 5, 2024
  • hayabusa-sample-evtx Public

    Sample evtx files to use for testing hayabusa detection rules

    51 3 0 1 Updated Nov 4, 2024

People

This organization has no public members. You must be a member to see who’s a part of this organization.
