Microsoft

ESC8 & ECS11 (petitpotam)

Chainsaw

LogoGitHub - Yamato-Security/RustyBlue: RustyBlue is a rust implementation of DeepblueCLI, a forensics log analyzer for finding evidence of compromise from windows event logs.GitHub

WELA

LogonTracer

LogoGitHub - sbousseaden/EVTX-ATTACK-SAMPLES: Windows Events Attack SamplesGitHub
LogoWindows Forensic 101: How to Perform Forensic Investigation of Windows Machine?Medium
PreviousPlasoNextWindows

Last updated