libevtx

libevtx is a library to access the Windows XML Event Log (EVTX) format. It provides a way to read and parse EVTX files, allowing useful information to be extracted from Windows event logs. The library is written in C and provides a Python binding, making it a useful tool for digital forensics and incident response. It is licensed under the LGPLv3+ and is currently in the alpha stage, with multi-threading support planned for future development. For more information, users can access the project documentation and building instructions on the GitHub wiki.

ALTERNATIVES

A high-performance digital forensics exploitation tool for extracting structured information from various inputs without parsing file system structures.

A tool for analyzing the Windows Recycle Bin INFO2 file.

A software utility with forensic tools for smartphones, offering powerful data extraction and decoding capabilities.

An automated digital image forensics tool.

An extensible network forensic analysis framework with deep packet analysis and plugin support.

A tool that uses graph theory to reveal hidden relationships and attack paths in an Active Directory environment.

OSXCollector is a forensic evidence collection & analysis toolkit for OSX.

A community-sourced repository of digital forensic artifacts in YAML format.