mirror of https://github.com/rshipp/awesome-malware-analysis.git (synced 2024-12-18 18:26:09 +00:00)
Add @williballenthin EVTXtract and python libs
parent 14f842b591
commit bce5ea7566
@ -216,6 +216,8 @@ the [browser malware](#browser-malware) section.*
* [bulk_extractor](https://github.com/simsong/bulk_extractor) - Fast file
carving tool.
* [EVTXtract](https://github.com/williballenthin/EVTXtract) - Carve Windows
Event Log files from raw binary data.
* [Foremost](http://foremost.sourceforge.net/) - File carving tool designed
by the US Air Force.
* [Hachoir](https://bitbucket.org/haypo/hachoir) - A collection of Python
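Review bot: The EVTXtract description says only "Windows Event Log files", which does not tell a reader which log format the carver handles. The tool name points at EVTX, and this commit also adds python-evt under Windows Artifacts with nearly the same wording, so the two entries are hard to tell apart. Suggest naming the format in the description (for example "Carve Windows EVTX event logs from raw binary data", if that matches the tool's scope) and pointing readers at the Windows Artifacts section, the same way the surrounding text points at the browser malware section.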
@ -299,6 +301,10 @@ the [browser malware](#browser-malware) section.*
## Windows Artifacts
* [python-evt](https://github.com/williballenthin/python-evt) - Python
library for parsing Windows Event Logs.
* [python-registry](http://www.williballenthin.com/registry/) - Python
library for parsing registry files.
* [RegRipper](https://regripper.wordpress.com/)
([GitHub](https://github.com/keydet89/RegRipper2.8)) -
Plugin-based registry analysis tool.
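Review bot: The python-registry entry links to `http://www.williballenthin.com/registry/` over plain HTTP, while the python-evt entry added just above it links to a GitHub repository. For a list that readers install analysis tooling from, prefer an HTTPS link or the project's repository, or give both as the RegRipper entry does with its "(GitHub)" link. Separately, "Windows Event Logs" in the python-evt description does not say whether the library parses EVT, EVTX or both; stating the format would make the entry easier to choose from.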