EVTXtract in rshipp/awesome-malware-analysis

EVTXtract recovers and reconstructs fragments of EVTX log files from raw binary data, including unallocated space and memory images.

created at Oct. 5, 2013, 8:59 p.m.

Python

18 +0

191 +0

22 +0

shellbags in apsdehal/awesome-ctf

Cross-platform, open-source shellbag parser

created at Nov. 23, 2011, 2:12 a.m.

Python

16 +0

151 +0

37 +0

python-evt in rshipp/awesome-malware-analysis

Pure Python parser for classic Windows Event Log files (.evt)

created at Jan. 24, 2015, 4:07 p.m.

Python

6 +0

49 +0

11 +0
