Yamato-Security / hayabusa

Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.
GNU Affero General Public License v3.0
2.28k stars, 203 forks

Does this have all the rules for DeepBlueCLI? #1470

Closed PowerPress closed 22 hours ago

PowerPress commented 1 day ago

Does this have all the rules for DeepBlueCLI or would I need to run that as well against the EVTX files?

YamatoSecurity commented 22 hours ago

If you just have a question like this, please add it to the Discussions, not Issues. Yes, Hayabusa has rules that replace everything in DeepBlueCLI.