-
I saw that the csv-timeline and json-timeline commands support deduplication using the flag `--remove-duplicate-detections`. I think that is incredibly useful. Unfortunately the logon-summary does not…
-
@fukusuket Could I ask you to do this one?
We need to create a github action to copy all of the hayabusa and sigma rules from the hayabusa-rules repository and encrypt and zip them into a `rules.zip`…
-
Recently, some sigma rules are being uploaded without the `level` defined so they are `undefined` rules.
However, `--exclude-status` does not support disabling `undefined` rules so I would like to su…
-
It's possible to gather some GPU information with vulkan, like memory available and memory usage: https://www.asawicki.info/news_1695_there_is_a_way_to_query_gpu_memory_usage_in_vulkan_-_use_dxgi
A…
-
## What just happened?
Animesh trees rezzed on my land randomly vanish, and sometimes flicker rapidly visible/invisible. This is happening repeatedly, randomly, and often enough to make the trees unus…
-
In order to prevent Windows defender from alerting on false positives on yml rules and to minimize the amount of files we need to save to the system, Hayabusa will have the option to use encoded rules…
-
It would be nice to be able to manually build release packages with github actions for the following architectures:
+ Intel Mac 64 bit (`hayabusa-x.x.x-mac-intel`)
+ Arm Mac 64 bit (`hayabusa-x.x.x-…
-
**Describe the bug**
It's not actually Hayabusa's bug ... :(
but the browser (Edge/Chrome) is blocking the download, so the [hayabusa-2.16.0-win-x64.zip](https://github.com/Yamato-Security/hayabusa/…
-
**Describe the bug**
The test fails when `cargo test -- --test-threads=1` is executed.
The test succeeds when `RUST_TEST_THREADS=1 cargo test` is executed.
-
Hello Phil,
I've been testing your distribution and love it so far. I have successfully been able to use the SOFELK parser in gkape but I was wondering if it was possible for SOF-ELK to read EVTX …