evtkit
evtkit is a tool used for fixing acquired .evt Windows Event Log files in the field of digital forensics. It requires Python 2 (not tested on 3) with no external dependencies. Users can fix .evt files in-place by running evtkit.py on files like AppEvent.Evt and SysEvent.Evt. Additionally, it can find all *.evt files in evt_dir/, copy them to fixed_copy/, and repair them. The tool also offers options such as -h or --help to display the help message, -c or --copy_to_dir to specify the output directory for fixed .evt files, and -q or --quiet to turn off verbosity.
FEATURES
ALTERNATIVES
Documentation project for Digital Forensics Artifact Repository
A forensic research tool for gathering forensic traces on Android and iOS devices, supporting the use of public indicators of compromise.
iOSForensic is a Python tool for forensic analysis on iOS devices, extracting files, logs, SQLite3 databases, and .plist files into XML.
Dissect is a digital forensics & incident response framework that simplifies the analysis of forensic artefacts from various disk and file formats.
Generate comprehensive reports about Windows systems with detailed system, security, networking, and USB information.
PINNED
Fabric Platform by BlackStork
Fabric Platform is a cybersecurity reporting solution that automates and standardizes report generation, offering a private-cloud platform, open-source tools, and community-supported templates.
Mandos Brief Newsletter
Stay ahead in cybersecurity. Get the week's top cybersecurity news and insights in 8 minutes or less.
Wiz
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.
Adversa AI
Adversa AI is a cybersecurity company that provides solutions for securing and hardening machine learning, artificial intelligence, and large language models against adversarial attacks, privacy issues, and safety incidents across various industries.