GrokEVT is a collection of scripts built for reading Windows® NT/2K/XP/2K3 event log files. GrokEVT is released under the GNU GPL, and is implemented in Python. The scripts work together on one or more mounted Windows® partitions to extract all information needed (registry entries, message templates, and log files) to convert the logs to a human-readable format.
SIMILAR TOOLS
Elastic is a search-powered AI company that enables users to find answers from all data in real-time at scale.
A dynamic GUI for advanced log analysis, allowing users to execute SQL queries on structured log data.
Sysmon for Linux is a tool that monitors and logs system activity with advanced filtering to identify malicious activity.
Investigate malicious logons by visualizing and analyzing Windows Active Directory event logs with LogonTracer.
Serverless, real-time data analysis framework for incident detection and response.
Windows Event Log Analyzer with logon timeline generator and noise reduction for fast forensics.