Releases: WithSecureLabs/chainsaw

v2.6.1

02 Jun 14:17

This release contains the following changes of note:

  • Fix hunts not running on .jsonl files
  • Bring in some false positive reduction for the default Sigma rules mapping file

v2.6.0

03 Apr 13:10

This release contains the following changes of note:

  • A new feature for creating execution timelines using shimcache artifacts with optional amcache enrichment
  • Added functionality to parse Windows registry hive files
  • Fixed a missing check to make sure that the path is not a file when using csv, to prevent time wasting
  • Upgraded to the new Tau engine that has full support for floats

v2.5.0

17 Feb 19:09

This release contains the following changes of note:

  • Bring in upstream fix for evtx files that contain the size_t type (thanks to upstream for such a quick turn around)
  • Add in a dump command so that people stop bodging the functionality via search
  • Minor fixes and tweaks

v2.4.0

17 Feb 09:43

This release contains the following changes of note:

  • Add back in the version flag
  • Multiple optimisations to the hunt feature of Chainsaw
  • Allow JSONL to stream out when hunting to reduce RAM usage when a large number of files are passed
  • Allow number of threads to be specified when hunting
  • Add preprocessing option to hunting for further speed up (only really required when single threaded)
  • Minor fixes and tweaks

v2.3.1

13 Jan 15:16

This release contains the following changes of note:

  • Fix for panic when supplying invalid Tau expressions; errors are now handled gracefully.

v2.3.0

14 Nov 11:39

This release contains the following changes of note:

  • Output file name for JSON based output
  • Show culprit file when hunting errors occur
  • Tweaks and improvements to command line arguments

v2.2.0

20 Oct 15:01

This release contains the following changes of note:

  • Support for outputting in newline delimited JSON
  • Fixes potential crash with table output when truncating strings
  • Allows for preconditions to be applied in mapping files to handle poor rules

v2.1.1

07 Oct 15:51

This release contains the following changes of note:

  • Fix some incorrectly handled prints
  • Improve the consistency of parsing the hunt command line
  • Reduce the RAM usage
  • Add -j back in for --json

v2.1.0

16 Sep 15:21

This release contains the following changes of note:

  • Fixes broken edge cases in complex mapping objects
  • Adds support for newline delimited JSON
  • Reduces memory usage for some of the parsers
  • Re-adds support for evt files
  • Adds support for MFTs

v2.0.0

23 Aug 13:01

Release of Chainsaw v2! 🥳

Please see the currently running discussion for information on Chainsaw v2: #77