python-evtx
Event log parser
A Python module for parsing Windows Event Log files (.evtx) into structured data
Pure Python parser for Windows Event Log files (.evtx)
732 stars
43 watching
166 forks
Language: Python
last commit: 4 months ago
Linked from 1 awesome list
event-logevtxforensics
shadawck/awesome-anti-forensicRelated projects:
| Repository | Description | Stars |
|---|---|---|
| williballenthin/python-evt | A Python module for parsing classic Windows Event Log files (.evt) | 48 |
 ericzimmerman/evtx | Tool to parse Event Viewer logs and extract useful information | 282 |
| williballenthin/evtxtract | Reconstructs fragments of event log data from raw binary files, including unallocated space and memory images. | 189 |
 sumeshi/evtx2es | A Python library that enables fast import of Windows Event Logs into Elasticsearch | 82 |
 fox-it/dissect.eventlog | This is a Python module that parses Windows log file formats | 6 |
 yarox24/evtkit | Tool to repair Windows Event Log files (.evt) acquired during forensic investigations | 18 |
| williballenthin/shellbags | This tool helps reconstruct user activities by parsing Windows Registry data. | 150 |
| williballenthin/lfle | Recover event log entries from an image by identifying record structures. | 27 |
| williballenthin/indxparse | A tool suite for parsing NTFS artifacts and extracting information from INDX files. | 216 |
| williballenthin/process-forest | Tools for reconstructing historical process hierarchies from Windows event logs. | 146 |
 reed1713/elat | A toolset for analyzing Windows event logs to detect and analyze malware | 29 |
 abrignoni/ileapp | Tools for extracting and parsing iOS device data from compressed files or backups | 757 |
| abrignoni/aleapp | An Android log parser and Protobuf analyzer written in Python | 529 |
| fox-it/dissect.etl | A parser for Windows kernel event log files | 2 |
 sbousseaden/evtx-attack-samples | A repository of Windows Event log samples associated with various attack and post-exploitation techniques. | 2,252 |