dissect.etl

Event logger

A parser for Windows kernel event log files

A Dissect module implementing a parser for Event Trace Log (ETL) files, used by the Windows operating system to log kernel events.

GitHub

2 stars
12 watching
1 fork
Language: Python
Last commit: 5 months ago

Related projects:

Repository | Description | Stars
fox-it/dissect.eventlog | A Python module that parses Windows log file formats. | 6
fox-it/dissect.executable | A module implementing parsers for various executable file formats. | 0
fox-it/dissect.xfs | A parser for the XFS file system used by RedHat Linux distributions. | 2
fox-it/dissect.archive | A Dissect module implementing parsers for various archive and backup formats. | 0
fox-it/dissect.ole | A Python module that parses the Object Linking & Embedding (OLE) format used by document editors on Windows operating systems. | 3
fox-it/dissect.thumbcache | An implementation of a parser for the Windows thumbcache. | 1
fox-it/dissect.fat | A module implementing parsers for FAT and exFAT file systems used on flash memory storage devices. | 2
fox-it/dissect.volume | A Python module implementing parsers for various disk volume and partition systems. | 3
fox-it/dissect | A digital forensics framework that provides tools and parsers to analyze forensic artefacts from various disk and file formats. | 924
fox-it/dissect.clfs | A parser module for the CLFS file system of Windows. | 5
fox-it/dissect.target | Provides a programming API and command line tools to access various data sources inside disk images or file collections. | 44
fox-it/dissect.esedb | An implementation of a parser for Microsoft's Extensible Storage Engine Database. | 18
fox-it/dissect.sql | A Dissect module implementing parsers for the SQLite database file format. | 6
fox-it/dissect.shellitem | A Dissect module implementing a parser for the Shellitem structures used by Microsoft Windows. | 2
fox-it/dissect.vmfs | A Python module implementing a parser for the VMFS file system used by VMware virtualization software. | 3