EVTXtract
Event log reconstruction tool
Reconstructs fragments of event log data from raw binary files, including unallocated space and memory images.
EVTXtract recovers and reconstructs fragments of EVTX log files from raw binary data, including unallocated space and memory images.
189 stars
18 watching
22 forks
Language: Python
last commit: over 4 years ago
Linked from 2 awesome lists
rshipp/awesome-malware-analysis
digitalisx/awesome-memory-forensicsRelated projects:
| Repository | Description | Stars |
|---|---|---|
| williballenthin/lfle | Recover event log entries from an image by identifying record structures. | 27 |
| williballenthin/python-evtx | A Python module for parsing Windows Event Log files (.evtx) into structured data | 732 |
| williballenthin/python-evt | A Python module for parsing classic Windows Event Log files (.evt) | 48 |
 yarox24/evtkit | Tool to repair Windows Event Log files (.evt) acquired during forensic investigations | 18 |
| williballenthin/process-forest | Tools for reconstructing historical process hierarchies from Windows event logs. | 146 |
 ericzimmerman/evtx | Tool to parse Event Viewer logs and extract useful information | 282 |
 ecbftw/grokevt | A collection of Python scripts to extract information from Windows event log files | 10 |
 sumeshi/evtx2es | A Python library that enables fast import of Windows Event Logs into Elasticsearch | 82 |
 fx5/not_random | Reconstructs the internal state of a Mersenne Twister algorithm from partial output data | 71 |
| williballenthin/shellbags | This tool helps reconstruct user activities by parsing Windows Registry data. | 149 |
 sbousseaden/evtx-attack-samples | A repository of Windows Event log samples associated with various attack and post-exploitation techniques. | 2,248 |
 crytic/ethersplay | An EVM bytecode disassembler and analysis tool for Ethereum contracts. | 842 |
 viralmaniar/remote-desktop-caching- | Reconstructs and recovers old RDP session information from broken PNG files. | 208 |
 samueltardieu/recoverjpeg | Recovery tool for lost digital files from damaged storage media | 77 |
 xufangchn/motion-deblurring-with-real-events | Develops methods to restore blurry motion sequences from real-world events | 33 |