evtkit
Event log repair tool
Tool to repair Windows Event Log files (.evt) acquired during forensic investigations
Fix acquired .evt - Windows Event Log files (Forensics)
18 stars
4 watching
4 forks
Language: Python
last commit: almost 9 years ago
Linked from 1 awesome list
shadawck/awesome-anti-forensicRelated projects:
| Repository | Description | Stars |
|---|---|---|
 williballenthin/python-evtx | A Python module for parsing Windows Event Log files (.evtx) into structured data | 732 |
| williballenthin/evtxtract | Reconstructs fragments of event log data from raw binary files, including unallocated space and memory images. | 191 |
| williballenthin/python-evt | A Python module for parsing classic Windows Event Log files (.evt) | 49 |
 yamato-security/wela | Analyzes Windows Event Logs to identify security-related events and provides forensic tools for incident response. | 769 |
 ericzimmerman/evtx | Tool to parse Event Viewer logs and extract useful information | 283 |
 sumeshi/evtx2es | A Python library that enables fast import of Windows Event Logs into Elasticsearch | 82 |
 dissectmalware/officeforensictools | A Python-based collection of tools for gathering forensic information from Office documents | 26 |
 mdecrevoisier/evtx-to-mitre-attack | Provides Windows log event indicators mapped to MITRE ATT&CK tactic and techniques | 532 |
 ecbftw/grokevt | A collection of Python scripts to extract information from Windows event log files | 10 |
 reed1713/elat | A toolset for analyzing Windows event logs to detect and analyze malware | 29 |
 travisfoley/dfirtriage | A digital forensic tool designed to gather and analyze data from Windows-based systems in incident response scenarios. | 335 |
 pjrinaldi/wombatforensics | A multi-threaded GUI forensic analysis tool for Linux | 48 |
 sbousseaden/evtx-attack-samples | A repository of Windows Event log samples associated with various attack and post-exploitation techniques. | 2,265 |
 fox-it/dissect.eventlog | Provides parsers for parsing Windows log file formats | 6 |
 vitaly-kamluk/bitscout | A customizable tool for creating bootable disk images for remote system analysis and forensic investigations. | 464 |