Skip to content

Navigation Menu

Explore
By company size
By use case
By industry
View all solutions
Topics
- AI
- DevOps
- Security
- Software Development
- View all
Explore
- GitHub Sponsors
  Fund open source developers
- The ReadME Project
  GitHub community articles
Repositories
- Enterprise platform
  AI-powered developer platform
Available add-ons
Pricing

Search code, repositories, users, issues, pull requests...

Search

Clear

Search syntax tips

Provide feedback

We read every piece of feedback, and take your input very seriously.

Include my email address so I can be contacted

Saved searches

Use saved searches to filter your results more quickly

Name

Query

To see all available qualifiers, see our documentation.

You signed in with another tab or window. Reload to refresh your session. You signed out in another tab or window. Reload to refresh your session. You switched accounts on another tab or window. Reload to refresh your session.

Dismiss alert

WithSecureLabs / chainsaw Public

Notifications You must be signed in to change notification settings
Fork 270
Star 3k

Code
Issues 12
Pull requests 1
Discussions
Actions
Projects
Wiki
Security
Insights

Additional navigation options

Code
Issues
Pull requests
Discussions
Actions
Projects
Wiki
Security
Insights

Releases: WithSecureLabs/chainsaw

Releases · WithSecureLabs/chainsaw

v2.11.0

28 Dec 18:22

Compare

Choose a tag to compare

Loading

v2.11.0 Latest

Latest

This release contains the following changes of note:

Improvements to the MFT parser, allowing data streams to be extracted, decoded and written to disk.
Decoded MFT Datastreams can now be queried via the Search command and via the Hunt Command.

Additional information in the related PR: #210

This release addresses #190 #191. Thanks to @IppSec for the suggestion.

Assets 9

Loading

RomelSan, dbissell6, and a1l4m reacted with thumbs up emoji

All reactions

👍 3 reactions

3 people reacted

v2.10.4

24 Dec 14:24

This commit was created on GitHub.com and signed with GitHub’s verified signature.

GPG key ID: B5690EEEBB952194

Learn about vigilant mode.

Compare

Choose a tag to compare

Loading

v2.10.4

Changes in this release:

Add --skip-errors helper message when chainsaw bails from a hunt
Improve progress logging for hunt command, now displays elapsed time and the current artefact file being processed

Assets 9

Loading

All reactions

v2.10.3

22 Dec 14:31

This commit was signed with the committer’s verified signature.

alexkornitzer Alex Kornitzer

SSH Key Fingerprint: MdORbOPc6sxvICkh21LguAgpWZ47vZk2g4DkBDlZK0c Learn about vigilant mode.

Compare

Choose a tag to compare

Loading

v2.10.3

This release contains the following changes of note:

Adds -v and -vv to output debug and trace.

Assets 9

Loading

All reactions

v2.10.2

22 Dec 10:46

This commit was created on GitHub.com and signed with GitHub’s verified signature.

GPG key ID: B5690EEEBB952194

Learn about vigilant mode.

Compare

Choose a tag to compare

Loading

v2.10.2

This release contains the following changes of note:

New Chainsaw Detection Rules
Significant speed improvements when searching across multiple event log files

Assets 9

Loading

All reactions

v2.10.1

27 Oct 18:21

This commit was signed with the committer’s verified signature.

alexkornitzer Alex Kornitzer

SSH Key Fingerprint: MdORbOPc6sxvICkh21LguAgpWZ47vZk2g4DkBDlZK0c Learn about vigilant mode.

Compare

Choose a tag to compare

Loading

v2.10.1

This release contains the following changes of note:

Minor bug fixes
New Chainsaw rules
ARM build for Linux

Assets 9

Loading

RomelSan, JakePeralta7, and irmakcaglayan reacted with thumbs up emoji

All reactions

👍 3 reactions

3 people reacted

v2.10.0

24 Aug 15:29

This commit was signed with the committer’s verified signature.

alexkornitzer Alex Kornitzer

SSH Key Fingerprint: MdORbOPc6sxvICkh21LguAgpWZ47vZk2g4DkBDlZK0c Learn about vigilant mode.

Compare

Choose a tag to compare

Loading

v2.10.0

This release contains the following changes of note:

Add the Key/Value (kv) container that can be used to extract key value pairs from strings. (#178)

Thanks to @reece394 for requesting the above (#177) and supplying the PowerShell rules that make use of it (#179).

Contributors

reece394

Assets 8

Loading

All reactions

v2.10.0-beta.1

24 Aug 14:49

This commit was signed with the committer’s verified signature.

alexkornitzer Alex Kornitzer

SSH Key Fingerprint: MdORbOPc6sxvICkh21LguAgpWZ47vZk2g4DkBDlZK0c Learn about vigilant mode.

Compare

Choose a tag to compare

Loading

v2.10.0-beta.1 Pre-release

Pre-release

build: bump to version 2.10.0-beta.1

Assets 8

Loading

All reactions

v2.10.0-beta.0

24 Aug 11:31

This commit was signed with the committer’s verified signature.

alexkornitzer Alex Kornitzer

SSH Key Fingerprint: MdORbOPc6sxvICkh21LguAgpWZ47vZk2g4DkBDlZK0c Learn about vigilant mode.

Compare

Choose a tag to compare

Loading

v2.10.0-beta.0 Pre-release

Pre-release

build: bump to version 2.10.0-beta.0

Assets 8

Loading

All reactions

v2.9.3

19 Aug 18:00

This commit was signed with the committer’s verified signature.

alexkornitzer Alex Kornitzer

SSH Key Fingerprint: MdORbOPc6sxvICkh21LguAgpWZ47vZk2g4DkBDlZK0c Learn about vigilant mode.

Compare

Choose a tag to compare

Loading

v2.9.3

This release contains the following changes of note:

Fixes handling of invalid link dates in the amcache (#176)

Assets 8

Loading

RomelSan reacted with thumbs up emoji

All reactions

👍 1 reaction

1 person reacted

v2.9.2

11 Jul 21:07

This commit was signed with the committer’s verified signature.

alexkornitzer Alex Kornitzer

SSH Key Fingerprint: MdORbOPc6sxvICkh21LguAgpWZ47vZk2g4DkBDlZK0c Learn about vigilant mode.

Compare

Choose a tag to compare

Loading

v2.9.2

This release contains the following changes of note:

Fixes incorrect handling of amcache hive on new versions of Windows. (#173)

Assets 8

Loading

All reactions

Previous 1 2 3 4 5 6 Next

Previous Next

Footer

© 2025 GitHub, Inc.

Footer navigation

Terms
Privacy
Security
Status
Docs
Contact

You can’t perform that action at this time.