Cross-platform, open-source shellbag parser
updated at April 4, 2024, 3:27 p.m.
Pure Python parser for classic Windows Event Log files (.evt)
updated at June 17, 2024, 3:04 a.m.
EVTXtract recovers and reconstructs fragments of EVTX log files from raw binary data, including unallocated space and memory images.
updated at June 22, 2024, 9:27 p.m.