WithSecureLabs/chainsaw
Rapidly Search and Hunt through Windows Forensic Artefacts
GNU General Public License v3.0
2.85k stars, 260 forks
issues
failed to parse manifest at
#76
purplebyteone
closed
2 years ago
3
Evtx files with different extension
#75
jurelou
closed
2 years ago
4
Add sigma metadatas in results
#74
jurelou
closed
2 years ago
7
Docs: Mapping File Explanation
#72
FranticTyping
closed
2 years ago
0
Path issue leading to merging sample logs
#70
BustedSec
closed
2 years ago
1
Documentation or guidance on expanding Chainsaw's functionality
#69
tomnewman86
opened
2 years ago
15
Add Sigma Rule Id and description to results
#68
jvmendezp
closed
2 years ago
2
How to install on Windows 10
#67
bmmojo
closed
2 years ago
5
warning: field is never read
#66
etaylor77
closed
2 years ago
1
clean: updating README file
#65
FranticTyping
closed
2 years ago
1
feat: add in output command as requested for #60
#64
fscc-alexkornitzer
closed
2 years ago
0
Feature Request - Parsing event log xml file
#63
dfirhoze
closed
2 years ago
2
fix(hunt): catch the rest of the builtin detections
#62
fscc-alexkornitzer
closed
2 years ago
1
--json not outputting correctly with search
#61
CyberAustin
closed
2 years ago
4
--json output path not working for hunts
#60
0x90v1
closed
2 years ago
8
Json output missing detections
#59
56616c6f72
closed
2 years ago
3
--lateral-all on large logs
#58
LiamWakefield
closed
2 years ago
2
search -o and -j Parameter not working as intended
#57
SirGibihm
closed
2 years ago
2
Fix/csv output cleaning
#56
fscc-jamesd
closed
2 years ago
2
feat: add channel information to cleared log events
#55
fscc-jamesd
closed
2 years ago
0
Fix/seperate json attributes
#54
fscc-jamesd
closed
2 years ago
0
more output in terms of log clearing
#53
MarkusLoyen
closed
2 years ago
1
more information for forensic investigator
#52
MarkusLoyen
closed
2 years ago
3
Use separate-json-attributes
#51
forensicmatt
closed
2 years ago
3
Add testing into Chainsaw
#50
fscc-alexkornitzer
closed
2 years ago
2
Expand --ignore-errors to include system errors
#49
dsplice
closed
2 years ago
2
feature: removing progress bar for searching as it corrupts the output
#48
fscc-jamesd
closed
2 years ago
0
Trend Micro Antivirus removing chainsaw.exe as malicious file
#47
askvpb
closed
2 years ago
2
Support for Syslog/CEF output
#46
Richard1611
closed
2 years ago
2
Request for time filters(start and end dates) in local time
#45
termcap
closed
2 years ago
3
feat: improve logging and error handling for invalid evtx files
#44
fscc-jamesd
closed
2 years ago
0
Give it a bit of a clean and add some very much needed tests :P
#43
fscc-alexkornitzer
closed
2 years ago
2
Is there any installation guide?
#42
Blason
closed
2 years ago
2
Rule seemingly not matching certain event IDs
#41
michaeljgoodman
closed
2 years ago
3
A single invalid evtx stream halts processing of multiple files
#40
michaeljgoodman
closed
2 years ago
1
Output failed file?
#39
Kerokus
closed
2 years ago
3
Correctly convert Sigma's Rule Collection rules
#38
fscc-alexkornitzer
closed
2 years ago
1
Fix incorrect parsing of Sigma's Rule Collections
#37
alexkornitzer
closed
2 years ago
0
Output Directory option?
#36
johnathan-fern
closed
2 years ago
2
CSV Files not generated correctly
#35
juaromu
closed
2 years ago
3
Search Progress Bar not working since v1.1.0
#34
fscc-jamesd
closed
2 years ago
1
"+" at the start of detection_rules column values
#33
michaeljgoodman
closed
2 years ago
4
Add --sync command for updating Sigma rules from SigmaHQ repo
#32
AndrewRathbun
closed
2 years ago
2
Revert "fix: remove string translation on eventIDs to fix rule matching errors"
#31
fscc-jamesd
closed
3 years ago
0
Incorrect Sigma detections since v1.1.0
#30
einarssonm
closed
3 years ago
1
Feature/time window
#29
fscc-jamesd
closed
2 years ago
0
fix: remove string translation on eventIDs to fix rule matching errors
#28
fscc-jamesd
closed
3 years ago
0
fix: clean up the CSV filenames before writing results to disk
#27
fscc-jamesd
closed
3 years ago
0
Support for more F-Secure alerts / log providers
#26
einarssonm
closed
2 years ago
3
Support for WEF/WEC ForwardedEvents.evtx
#25
einarssonm
closed
2 years ago
6