EVTXtract
EVTXtract recovers and reconstructs fragments of EVTX log files from raw binary data, including unallocated space and memory images.
181 stars
18 watching
23 forks
Language: Python
last commit: over 4 years ago
Linked from 2 awesome lists
rshipp/awesome-malware-analysis
digitalisx/awesome-memory-forensics