extracting-windows-event-logs-artifacts
Extract, parse, and analyze Windows Event Logs (EVTX) using Chainsaw, Hayabusa, and EvtxECmd to detect lateral movement, persistence, and privilege escalation.
Maintainer: mukul975
Updated: 4/6/2026
Stars: 4240
Forks: 464
quick start
Installation and usage
Installation
$ install --globalskills.sh
Usage
Once installed, you can use this skill by running the following command in your terminal:
skills use extracting-windows-event-logs-artifacts