python-evtx Logo

python-evtx

0
Free
SIEM
windows
event-log
python
file-analysis
binary-security
Visit Website

python-evtx is a pure Python parser for recent Windows Event Log files (those with the file extension ".evtx"). The module provides programmatic access to the File and Chunk headers, record templates, and event entries. For example, you can use python-evtx to review the event logs of Windows 7 systems from a Mac or Linux workstation. The structure definitions and parsing strategies were heavily inspired by the work of Andreas Schuster and his Perl implementation "Parse-Evtx".

FEATURES

ALTERNATIVES

syslog-ng Logo
syslog-ng

A log management solution that optimizes SIEM performance, provides rapid search and troubleshooting, and meets compliance requirements.

Commercial
SIEM
LogonTracer Logo
LogonTracer

Investigate malicious logons by visualizing and analyzing Windows Active Directory event logs with LogonTracer.

Free
SIEM
ELAT (Event Log Analysis Tool) Logo
ELAT (Event Log Analysis Tool)

ELAT (Event Log Analysis Tool) is a tool that helps in analyzing Windows event logs for malware detection.

Free
SIEM
Zircolite Logo
Zircolite

Standalone SIGMA-based detection tool for EVTX, Auditd, Sysmon for Linux, XML or JSONL/NDJSON Logs.

Free
SIEM
visualize_logs Logo
visualize_logs

Python library and command line tools for log visualization with interactive plots.

Free
SIEM
Zentral Logo
Zentral

An Event Hub to gather, process, and monitor system events and link them to an inventory.

Free
SIEM
MongoDB-HoneyProxy Logo
MongoDB-HoneyProxy

A logging proxy tool created in response to the 'MongoDB Apocalypse', with Docker support.

Free
SIEM
GrokEVT Logo
GrokEVT

GrokEVT is a tool for reading Windows event log files and converting them to a human-readable format.

Free
SIEM

PINNED

InfoSecHired Logo

InfoSecHired

An AI-powered career platform that automates the creation of cybersecurity job application materials and provides company-specific insights for job seekers.

Commercial
Resources
Mandos Brief Newsletter Logo

Mandos Brief Newsletter

A weekly newsletter providing cybersecurity leadership insights, industry updates, and strategic guidance for security professionals advancing to management positions.

Free
Resources
Kriptos Logo

Kriptos

An AI-driven data classification and governance platform that automatically discovers, analyzes, and labels sensitive information while providing risk management and compliance capabilities.

Commercial
Data Protection
System Two Security Logo

System Two Security

An AI-powered platform that automates threat hunting and analysis by processing cyber threat intelligence and generating customized hunt packages for SOC teams.

Commercial
Security Operations
Aikido Security Logo

Aikido Security

Aikido is an all-in-one security platform that combines multiple security scanning and management functions for cloud-native applications and infrastructure.

Commercial
Application Security
Permiso Logo

Permiso

Permiso is an Identity Threat Detection and Response platform that provides comprehensive visibility and protection for identities across multiple cloud environments.

Commercial
IAM
Wiz Logo

Wiz

Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.

Commercial
Cloud Security
Adversa AI Logo

Adversa AI

Adversa AI is a cybersecurity company that provides solutions for securing and hardening machine learning, artificial intelligence, and large language models against adversarial attacks, privacy issues, and safety incidents across various industries.

Commercial
AI Security