-
@fukusuket Could I ask you to do this one?
We need to create a GitHub Action to copy all of the hayabusa and sigma rules from the hayabusa-rules repository and encrypt and zip them into a `rules.zip`…
-
In order to prevent Windows Defender from alerting on false positives on yml rules and to minimize the number of files we need to save to the system, I would like to have hayabusa load the rules from …
-
**Describe the bug**
In a particular environment, the command json-timeline or csv-timeline cannot read the EVTX folder, but can read a file alone.
**Step to Reproduce**
Steps to reproduce the …
-
**Describe the bug**
Rule Author does not appear in the terminal in Windows 11 Pro (only English locale?)
**Step to Reproduce**
1. Create a Windows 11 machine in Azure with default settings.
2. Open…
-
There are a couple of rules that cause false positives with Windows Defender so we would like to ignore them and not create them in the `hayabusa-rules` repository until we can create a fix with hayab…
-
**Describe the bug**
`aggregation condition` rule count does not show up in `Events with hits` (and `Top 5 computers`)
It's probably a similar cause to #1373, but I'll create a separate issue to ma…
-
Would it be possible to add a `--low-memory-mode` option for Takajo, similar to the recently added option in Hayabusa?
I often process Windows Event Forwarding (WEF) logs (ForwardedEvents.evtx), wh…
-
Tasks:
update import app hyb2onc2isis
write export app hyb2rdrgen
update calibration app to latest cal report hyb2cal
-
Old `.evtx` logs may be found in the Volume Shadow Copy Service backups so it would be nice to have a `--scan-vss-backups` option that is used when Hayabusa is doing a live analysis with `-l` in orde…
-
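There seem to be some conditions involved, but once it is stopped it often does not come back. Could it be because the VRC photo folder is too large? It would be nice to have an update that shows a status of what the app is currently doing, such as whether it has stopped or is working hard on something.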