Chainsaw
A tool to rapidly search and hunt through Windows event logs
Description

Chainsaw is a powerful tool designed for rapidly searching and hunting through Windows event logs. While not specifically focused on AD CS, it can be invaluable in detecting and investigating potential AD CS-related security incidents by analyzing relevant Windows events.

Key Features
  • High-speed log parsing and analysis
  • Custom rule sets for threat hunting
  • Support for various log formats
  • Integration with other security tools
Usage Example
chainsaw hunt logs/ -r rules/