GrokEVT Version 0.4.0

By Andreas Schuster on April 9, 2007 4:00 PM
GrokEVT is a set of Python scripts for reading Windows Event Log files (.evt) on Unix hosts. New in version 0.4.0 is grokevt-findlogs which carves event records from raw binary data like unallocated clusters or a memory dump.

Categories:

Tags:

Search

Deutsch

Deutschsprachige Ausgabe

Recent Entries

Tag Cloud

Categories

Archives

Imprint

This blog is a project of:
Andreas Schuster
Im Äuelchen 45
D-53177 Bonn
impressum@forensikblog.de

Copyright © 2005-2012 by
Andreas Schuster
All rights reserved.
Powered by Movable Type 5.12