Simple web app that allows to visualize RDP (Remote Desktop Protocol) sessions.
Once you run the app, you can import json output from Chainsaw.
Disclaimer: this is work in progress, so expect bugs and missing features.
- Get Chainsaw
- Run it with
./chainsaw hunt <INPUT_FOLDER_CONTAINING_EVTX_FILES> --mapping mappings/sigma-event-logs-all.yml -r rules/rdp_attacks/ -o <OUTPUT_FILE>.json -j - Import
<OUTPUT_FILE>.jsoninto RDPVis
- Chainsaw for the awesome work on the evtx parser
- EVTX-ATTACK-SAMPLES for the sample evtx files
- MUI for the UI React components
- React for the UI framework