chainsaw
Execute chainsaw
# the mappings/ folder ships with the chainsaw GitHub repository
./chainsaw hunt -r rules/ evtx_attack_samples -s sigma/rules --mapping mappings/sigma-event-logs-all.yml --level critical
Install
# clone the repo
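git clone https://github.com/countercept/chainsaw.git
cd chainsaw
# build the application as your normal user; the build does not need root,
# and sudo often cannot find a per-user rustup toolchain
cargo build --release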
# execute
./target/release/chainsaw
Errors
If the build fails, update Rust:
curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh
sources
This post is licensed under CC BY 4.0 by the author.