Detection Tools: LogonTracer, DeepBlueCLI, OpenUBA, Hayabusa
- LogonTracer: https://github.com/JPCERTCC/LogonTracer – Tool for visualizing logon events.
- DeepBlueCLI: https://github.com/sans-blue-team/DeepBlueCLI – PowerShell script for event log analysis.
- OpenUBA: https://openuba.org/ – Open-source user behavior analytics platform.
- Hayabusa: https://github.com/Yamato-Security/hayabusa – Fast forensics timeline generator and threat hunting tool.
