python-evtx Logo

python-evtx

A pure Python parser for Windows Event Log (.evtx) files that enables cross-platform forensic analysis of Windows system events.

753
Security Operations Open Source
ParserWindows Event LogsWindowsLog Management
Visit website
Compare
Compare
0
Explore Security Operations4 AlternativesCompareStacksMarket MapExplore All Tools
MCPThe entire cybersecurity market, one prompt awayTry MCP Access

python-evtx Description

python-evtx is a pure Python parser designed for analyzing Windows Event Log files with the .evtx extension. The module enables cross-platform examination of Windows event logs, allowing investigators to review Windows 7 and later system logs from Mac or Linux workstations. The parser provides programmatic access to multiple components of EVTX files including File headers, Chunk headers, record templates, and individual event entries. This functionality supports detailed forensic analysis of Windows system activities and security events. The tool's implementation draws from Andreas Schuster's Perl-based "Parse-Evtx" parser, adapting the structure definitions and parsing methodologies for Python environments. This cross-platform capability makes it valuable for digital forensics workflows that require Windows event log analysis on non-Windows systems.

python-evtx FAQ

Common questions about python-evtx including features, pricing, alternatives, and user reviews.

python-evtx is A pure Python parser for Windows Event Log (.evtx) files that enables cross-platform forensic analysis of Windows system events.. It is a Security Operations solution designed to help security teams with Parser, Windows Event Logs, Windows.

Have more questions? Browse our categories or search for specific tools.

FEATURED

Push Security Logo
Push Security
Zero Trust
CybersecRadars Logo
CybersecRadars
Threat Management
Hudson Rock Logo
Hudson Rock
Threat Management
Get Featured

ALTERNATIVES

libregf Logo
libregf

A library for accessing and parsing Windows NT Registry File (REGF) format files, designed for digital forensics and registry analysis applications.

0
LastActivityView Logo
LastActivityView

A tool that collects and displays user activity and system events on a Windows system.

0
liblnk Logo
liblnk

A library to access and parse Windows Shortcut File (LNK) format.

0
GrokEVT Logo
GrokEVT

GrokEVT is a tool for reading Windows event log files and converting them to a human-readable format.

0

POPULAR

RoboShadow Logo
RoboShadow
Vulnerability Assessment
OSINTLeak Real-time OSINT Leak Intelligence Logo
OSINTLeak Real-time OSINT Leak Intelligence
Threat Intelligence Platforms
Cybersec Feeds Logo
Cybersec Feeds
Threat Intelligence Platforms
TestSavant AI Security Assurance Platform Logo
TestSavant AI Security Assurance Platform
AI Red Teaming
Fabric Platform by BlackStork Logo
Fabric Platform by BlackStork
Security Information and Event Management
View Popular Tools →

TRENDING CATEGORIES

Digital Forensics and Incident Response
Digital Forensics and Incident Response (DFIR) tools for digital forensic analysis, evidence collection, malware analysis, and cyber incident investigation.
524
Threat Intelligence Platforms
TIP for collecting, analyzing, and sharing cyber threat data, indicators of compromise (IOCs), and threat feeds.
413
Managed Detection and Response
Managed Detection and Response (MDR) services that provide 24/7 threat monitoring, detection, and response capabilities managed by security experts.
299
Multi-Factor Authentication and Single Sign-On
Multi-factor authentication (MFA) and single sign-on (SSO) solutions for secure user authentication and access control.
296
Identity Governance and Administration
Identity Governance and Administration (IGA) platforms for identity lifecycle management, access governance, role management, and compliance reporting.
289
View All Categories →

Stay Updated with Mandos Brief

Get strategic cybersecurity insights in your inbox