libevtx

Free
libevtx is a library to access the Windows XML Event Log (EVTX) format. It provides a way to access and parse EVTX files, allowing for the extraction of useful information from Windows event logs. The library is written in C and provides a Python binding, making it a useful tool for digital forensics and incident response. It is licensed under the LGPLv3+ and is currently in the alpha stage, with multi-threading support planned for future development. Project documentation and building instructions are available on the GitHub wiki.

ALTERNATIVES

A forensic research tool for gathering forensic traces on Android and iOS devices, supporting the use of public indicators of compromise.

Recreates the File/Directory tree structure from an extracted $MFT file with detailed record mapping and analysis capabilities.

A comprehensive incident response tool for Windows computers, providing advanced memory forensics and access to locked systems.

A library and tools to access and manipulate VMware Virtual Disk (VMDK) files.

A library for working with Windows NT data types, providing access and manipulation functions.

A library to access the Windows New Technology File System (NTFS) format with read-only support for NTFS versions 3.0 and 3.1.

A library and set of tools for accessing and analyzing storage media devices and partitions for forensic analysis and investigation.

An anti-forensic kill-switch tool for USB ports to shut down the computer immediately in case of unauthorized access.
