libevtx

libevtx is a library to access the Windows XML Event Log (EVTX) format. It provides a way to read and parse EVTX files, allowing useful information to be extracted from Windows event logs. The library is written in C and provides a Python binding, making it a useful tool for digital forensics and incident response. It is licensed under the LGPLv3+ and is currently in the alpha stage, with multi-threading support planned for future development. For more information, users can access the project documentation and building instructions on the GitHub wiki.

ALTERNATIVES

TestDisk is a free data recovery software that can recover lost partitions and undelete files from various file systems.

Tool used for dumping memory from Android devices with root access requirement and forensic soundness considerations.

A high-performance digital forensics exploitation tool for extracting structured information from various inputs without parsing file system structures.

A network forensics toolkit that transforms network traffic data into graph-based representations for interactive analysis and visualization through a web interface.

Documentation project for the Digital Forensics Artifact Repository.

RegRippy is a modern Python 3 alternative to RegRipper for extracting data from Windows registry hives.

Analyse a forensic target to find and report files found and not found in hashlookup CIRCL public service.

A collaborative forensic timeline analysis tool for organizing and analyzing data with rich annotations and comments.