Joachim Metz edited this page Sep 29, 2024 · 15 revisions

winevt-kb is a project to build a Windows Event Log knowledge base.

This project is a continuation of the application-specific Windows Event Log message documentation of libevt and libevtx.

Note that this is a continuous work in progress.

winevtrc is a Python module, part of winevt-kb, that allows reuse of Windows Event Log resources.

Project status

Build status badges: GitHub Actions (test_docker), AppVeyor (build status), Codecov (coverage), PyPI (package version).

Dependencies

  • dfVFS; Digital Forensics Virtual File System
  • pyexe; Python-bindings to access the executable (EXE) format
  • pyfwevt; Python-bindings to access Windows XML Event Log (EVTX) data types
  • pyregf; Python-bindings to access the Windows NT Registry File (REGF) format
  • pywrc; Python-bindings to access the Windows Resource Compiler (WRC) format

Also see

  • libevt; library and tooling to access the Windows Event Log (EVT) format.
  • libevtx; library and tooling to access the Windows XML Event Log (EVTX) format.