Purpleteam
Purpleteam scripts simulation & Detection - trigger events for SOC detections (by mthcht)
chainsaw
Rapidly Search and Hunt through Windows Forensic Artefacts (by WithSecureLabs)
Purpleteam | chainsaw | |
---|---|---|
1 | 14 | |
123 | 2,566 | |
- | 2.2% | |
7.8 | 8.3 | |
27 days ago | about 1 month ago | |
PowerShell | Rust | |
- | GNU General Public License v3.0 only |
The number of mentions indicates the total number of mentions that we've tracked plus the number of user suggested alternatives.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
Purpleteam
Posts with mentions or reviews of Purpleteam.
We have used some of these posts to build our list of alternatives
and similar projects.
chainsaw
Posts with mentions or reviews of chainsaw.
We have used some of these posts to build our list of alternatives
and similar projects. The last one was on 2024-04-29.
-
Angle-grinder: Slice and dice logs on the command line
There’s already a DFIR log tool named chainsaw: https://github.com/WithSecureLabs/chainsaw
- Agent event queue is flooded. Check the agent configuration
- What's your favorite cybersecurity tool?
-
Tools for "static" log analysis
https://github.com/WithSecureLabs/chainsaw if you're just looking for bad stuff.
- Chainsaw v2.0 Release - Hunt and Search Through Windows Event Logs
- Chainsaw v2.0.0 - Rapidly Search and Hunt through Windows Event Logs
- Chainsaw 2.0: Allows users to rapidly search through Windows event logs and hunt for threats using Sigma detection rules.
-
EvtxHussar 1.0
Differences between this and Chainsaw? Chainsaw
- IR log Collection/Parsing Recommendations
-
AMA : I’m a cybersecurity engineer at Microsoft .
Use Chainsaw for event logs https://github.com/countercept/chainsaw
What are some alternatives?
When comparing Purpleteam and chainsaw you can also consider the following projects:
MAL-CL - MAL-CL (Malicious Command-Line)
EvtxHussar - Initial triage of Windows Event logs
UltimateAppLockerByPassList - The goal of this repository is to document the most common techniques to bypass AppLocker.
hayabusa - Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.
awesome-lists - Security lists for SOC detections
zff-rs - Library to handle the files in zff format (file format to store and handle forensic acquisitions).
macOS-ATTACK-DATASET - JSON DataSet for macOS mapped to MITRE ATT&CK Tactics.
WELA - WELA (Windows Event Log Analyzer): The Swiss Army knife for Windows Event Logs! ゑ羅(ウェラ)