libevt is a library to access the Windows Event Log (EVT) format.The library provides a way to read and parse EVT files, which are used to store event logs in Windows operating systems.libevt is open-source and licensed under the LGPLv3+ license.It is currently in the alpha stage and has a wiki page with documentation and instructions on how to build from source.
FEATURES
EXPLORE BY TAGS
SIMILAR TOOLS
An open source format for storing digital evidence and data, with a C/C++ library for creating, reading, and manipulating AFF4 images.
Zenduty's platform provides real-time operational health monitoring and incident response orchestration to improve incident response times and build a solid on-call culture.
A library for accessing and parsing Microsoft Internet Explorer cache files (index.dat) to extract URLs, timestamps, and cached content for digital forensic analysis.
A digital forensics tool that provides read-only access to file-system objects from various storage media types and file formats.
A library for accessing and parsing Windows NT Registry File (REGF) format files, designed for digital forensics and registry analysis applications.
A PowerShell-based incident response and live forensic data acquisition tool for Windows hosts.
A digital artifact extraction framework for extracting data from volatile memory (RAM) samples, providing visibility into the runtime state of a system.
A library for read-only access to QEMU Copy-On-Write (QCOW) image files, supporting multiple versions and compression formats for digital forensics analysis.