Chainsaw 2.12.2
Author: F-Secure Countercept
Date: 03/22/2025
Size: 4 MB
License: Open Source
Requires: 11|10|8|7|Linux|macOS
Downloads: 4296 times
MajorGeeks: Setting the standard for editor-tested, trusted, and secure downloads since 2001.

Chainsaw allows advanced users to search and hunt through Windows Event Logs rapidly.
Chainsaw provides a powerful ‘first-response’ capability to identify threats within Windows event logs quickly. It offers a generic and fast method of searching through event logs for keywords and identifying threats using built-in detection logic and support for Sigma detection rules.
Chainsaw Features:
Search and extract event log records by event IDs, string matching, and regex patterns
Hunt for threats using Sigma detection rules and custom built-in detection logic
Lightning fast, written in Rust, wrapping the EVTX parser library by OBenamram
Document tagging (detection logic matching) provided by the TAU Engine Library
Output in an ASCII table format, CSV format, or JSON format
Chainsaw is designed for advanced users who are comfortable using the Command Prompt. Chainsaw would be most useful for technicians, administrators, or IT.
If you want to see how the program looks, run the following command from the folder you extracted the files to:
./chainsaw hunt evtx_attack_samples/ --rules sigma_rules/ --mapping mapping_files/sigma-mapping.yml




