LfLe
0
Free
Recover event log entries from an image by heuristically looking for record structures. Dependencies: argparse (http://pypi.python.org/pypi/argparse available via easy_install/pip). Usage: Use this tool to extract event log messages from an image file by looking for things that appear to be records. Then, feed the resulting file into an event log viewer, such as Event Log Explorer (http://www.eventlogxp.com/, use 'direct' mode when opening). Sample Output: evt/LfLe - [master●] » python lfle.py '/media/truecrypt2/VM/Windows XP Professional - Service Pack 3 - TEMPLATE/Windows XP Professional - Service Pack 3-cl1.vmdk' recovered.evt 100% complete% done. Wrote 5413 records. Skipped 48 records with length greater than 0x10000. Skipped 12.
FEATURES
The author has not provided features for this tool yet. If you are the author, please sign in or claim the tool to add features by clicking the icon above.
ALTERNATIVES
GUI-based memory forensic capture tool for cyber forensics and cyber crime investigation.
A simple Golang application for storing NIST National Software Reference Library Reference Data Set (NSRL RDS) with md5 and sha1 hash lookup searches.
Documentation project for Digital Forensics Artifact Repository
A DFVFS backed viewer project with a WxPython GUI, aiming to enhance file extraction and viewing capabilities.
Dissect is a digital forensics & incident response framework that simplifies the analysis of forensic artefacts from various disk and file formats.
Exiv2 is a C++ library and command-line utility for image metadata manipulation.
No More Ransom is a collaborative project to combat ransomware attacks by providing decryption tools and prevention advice.
A tool that uses Plaso to parse forensic artifacts and disk images, creating custom reports for easier analysis.
PINNED
InfoSecHired
An AI-powered career platform that automates the creation of cybersecurity job application materials and provides company-specific insights for job seekers.
Commercial
Resources
Fabric Platform by BlackStork
Fabric Platform is a cybersecurity reporting solution that automates and standardizes report generation, offering a private-cloud platform, open-source tools, and community-supported templates.
Free
Security Operations
Mandos Brief Newsletter
Stay ahead in cybersecurity. Get the week's top cybersecurity news and insights in 8 minutes or less.
Free
Blogs and News
Wiz
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.
Commercial
Cloud Security
RoboShadow
A cybersecurity platform that offers vulnerability scanning, Windows Defender and 3rd party AV management, and MFA compliance reporting, among other features.
Commercial
Vulnerability Management
Adversa AI
Adversa AI is a cybersecurity company that provides solutions for securing and hardening machine learning, artificial intelligence, and large language models against adversarial attacks, privacy issues, and safety incidents across various industries.
Commercial
AI Security