python-evtx
python-evtx is a pure Python parser for recent Windows Event Log files (those with the file extension ".evtx"). The module provides programmatic access to the File and Chunk headers, record templates, and event entries. For example, you can use python-evtx to review the event logs of Windows 7 systems from a Mac or Linux workstation. The structure definitions and parsing strategies were heavily inspired by the work of Andreas Schuster and his Perl implementation "Parse-Evtx".
FEATURES
EXPLORE BY TAGS
SIMILAR TOOLS
A service that analyzes and visualizes security data to investigate potential security issues.
Open source security data lake for AWS with real-time log normalization and Detection-as-Code capabilities.
A security information and event management solution that collects, normalizes, and analyzes log data from across an organization's infrastructure to enhance threat detection and compliance reporting.
Elastic is a search-powered AI company that enables users to find answers from all data in real-time at scale.
Python application to translate Zeek logs into ElasticSearch's bulk load JSON format with detailed instructions and features.
PINNED
Mandos
Fractional CISO service that helps B2B companies implement security leadership to win enterprise deals, achieve compliance, and develop strategic security programs.
Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.