Skip to content
@Yamato-Security

Yamato Security 大和セキュリティ

Hi there まいど! 👋

About Yamato Security

Yamato Security is a security group created by Zach Mathis (@yamatosecurity) in 2012. At first, the main purpose was to provide security training to build a local security community in Western Japan but has grown to provide training, CTF events, webinars, etc... across the country for thousands of people.

Now, with a group of volunteer members, we are providing free open source DFIR tools such as Hayabusa, WELA, Takajo, etc...

Please contact us if you want to help out and contribute.

Main Projects

Popular repositories Loading

  1. hayabusa hayabusa Public

    Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.

    Rust 2.3k 203

  2. WELA WELA Public

    WELA (Windows Event Log Analyzer): The Swiss Army knife for Windows Event Logs! ゑ羅(ウェラ)

    PowerShell 763 82

  3. EnableWindowsLogSettings EnableWindowsLogSettings Public

    Documentation and scripts to properly enable Windows event logs.

    Batchfile 556 51

  4. hayabusa-rules hayabusa-rules Public

    Curated Windows event log Sigma rules used in Hayabusa and Velociraptor.

    Python 144 23

  5. takajo takajo Public

    Takajō (鷹匠) is a Hayabusa results analyzer.

    Nim 91 7

  6. RustyBlue RustyBlue Public

    RustyBlue is a rust implementation of DeepblueCLI, a forensics log analyzer for finding evidence of compromise from windows event logs.

    Rust 68 6

Repositories

Showing 10 of 13 repositories
  • hayabusa-rules Public

    Curated Windows event log Sigma rules used in Hayabusa and Velociraptor.

    Yamato-Security/hayabusa-rules’s past year of commit activity
    Python 144 23 5 0 Updated Nov 18, 2024
  • hayabusa-encoded-rules Public

    Encoded Hayabusa and Sigma rules to avoid anti-virus false positives and reduce files stored on target systems.

    Yamato-Security/hayabusa-encoded-rules’s past year of commit activity
    Rust 4 0 0 0 Updated Nov 18, 2024
  • hayabusa Public

    Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.

    Yamato-Security/hayabusa’s past year of commit activity
    Rust 2,310 AGPL-3.0 203 40 1 Updated Nov 17, 2024
  • takajo Public

    Takajō (鷹匠) is a Hayabusa results analyzer.

    Yamato-Security/takajo’s past year of commit activity
    Nim 91 AGPL-3.0 7 22 0 Updated Nov 9, 2024
  • hayabusa-evtx Public

    A fork of the evtx Rust crate for Hayabusa

    Yamato-Security/hayabusa-evtx’s past year of commit activity
    Rust 6 Apache-2.0 2 4 0 Updated Nov 6, 2024
  • Yamato-Security/Presentations’s past year of commit activity
    15 2 0 0 Updated Nov 5, 2024
  • hayabusa-sample-evtx Public

    Sample evtx files to use for testing hayabusa detection rules

    Yamato-Security/hayabusa-sample-evtx’s past year of commit activity
    44 3 0 0 Updated Nov 4, 2024
  • sigma-to-hayabusa-converter Public

    Documentation and tools to curate Sigma rules for Windows event logs into easier to parse rules.

    Yamato-Security/sigma-to-hayabusa-converter’s past year of commit activity
    Python 6 GPL-3.0 0 6 0 Updated Oct 14, 2024
  • Yamato-Security/suzaku-rules’s past year of commit activity
    1 1 0 0 Updated Apr 30, 2024
  • EnableWindowsLogSettings Public

    Documentation and scripts to properly enable Windows event logs.

    Yamato-Security/EnableWindowsLogSettings’s past year of commit activity
    Batchfile 556 GPL-3.0 51 1 0 Updated Sep 20, 2023

People

This organization has no public members. You must be a member to see who’s a part of this organization.