Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.
GNU Affero General Public License v3.0
feat: add support for `fieldref|startswith` and `fieldref|contains` #1441
Closed
fukusuket closed 1 month ago
What Changed
Evidence
Integration-Test
All commands completed successfully. https://github.com/Yamato-Security/hayabusa/actions/runs/11311785948
CSV timeline and JSON timeline Diff (when rule/config folder exists)
No difference (csv/json) from main branch's results as follows. https://github.com/Yamato-Security/hayabusa/actions/runs/11311789907
I would appreciate it if you could check it out when you have time🙏