W3CSaw
Chainsaw-style DFIR hunting for IIS W3C logs. Parses IIS access logs, normalizes them, and applies Sigma-inspired YAML rules to surface web shells, exploitation, scanning, and brute force.
Chainsaw-style DFIR hunting for IIS W3C logs. Parses IIS access logs, normalizes them, and applies Sigma-inspired YAML rules to surface web shells, exploitation, scanning, and brute force.
A CLI utility that processes THOR scan output and converts YARA rule matches into clean, filterable CSV files — cutting triage time during incident response.