Welcome to THOR Log Analysis documentation!
- 1. Introduction
- 2. Analyst Profile
- 3. General Recommendations
- 4. FileScan
- 5. SHIMcache
- 6. Autoruns
- 7. LogScan
- 8. GroupsXML
- 9. Registry
- 10. WMIPersistence
- 11. VulnerabilityCheck
- 12. LoggedIn
- 13. ProcessCheck
- 14. HotfixCheck
- 15. RunKeyCheck
- 16. AmCache
- 17. Firewall
- 18. ServiceCheck
- 19. DNSCache
- 20. Hosts
- 21. WMIStartup
- 22. CommandCheck
- 23. ProcessHandles
- 24. ProcessConnection
- 25. WER
- 26. UserAccounts
- 27. AtJobs
- 28. ScheduledTasks
- 29. Rescontrol
- 30. DeepDive
- 31. Other Modules
- 32. Generic Checks
- 33. Tools for Event Analysis