Markus Einarsson

icon location Linköping, Sweden icon location Blue teamer, defensive security, digital forensics, incident response, personal productivity, GTD, FIRE, paperless, metalhead.

Results 3 issues of Markus Einarsson

Support for more F-Secure alerts / log providers

2 comment

Request to add support for more event log providers related to F-Secure alerts. The built-in support for F-Secure alerts consumes events from the "F-Secure Ultralight SDK" provider. My limited research...

question

Add low-memory-mode option to support larger input files

2 comment

Would it be possible to add a `--low-memory-mode` option for Takajo, similar to the recently added option in Hayabusa? I often process Windows Event Forwarding (WEF) logs (ForwardedEvents.evtx), which are...

enhancement

FR: Use WinHTTP and WinINET for dynamic proxy detection

1 comment

**Background** A Velociraptor offline collector has been configured to upload the triage collection to Azure blob storage. It works as expected in environments where direct outgoing connections are allowed. In...