airbus-cert/etl-parser external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

airbus-cert/etl-parser

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/airbus-cert/etl-parser)

Close

airbus-cert / etl-parserView on GitHubMore

• External links
• Readme badge

Event Trace Log file parser in pure Python

☆150Nov 27, 2020Updated 5 years ago

Alternatives and similar repositories for etl-parser

Users that are interested in etl-parser are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• airbus-cert / regrippy

  View on GitHub
  A modern Python-3-based alternative to RegRipper
  ☆212Mar 31, 2025Updated 11 months ago
• forensiclunch / ETLParser

  View on GitHub
  Binary commandline executable to parse ETL files
  ☆69Jun 7, 2018Updated 7 years ago
• jschicht / MftCarver

  View on GitHub
  Carve $MFT records from a chunk of data (for instance a memory dump)
  ☆16Aug 21, 2016Updated 9 years ago
• airbus-cert / etwbreaker

  View on GitHub
  An IDA plugin to deal with Event Tracing for Windows (ETW)
  ☆56Jul 8, 2022Updated 3 years ago
• airbus-cert / timeliner

  View on GitHub
  A rewrite of mactime, a bodyfile reader
  ☆40Aug 5, 2024Updated last year
• Virtual machines for every use case on DigitalOcean • Ad
  Get dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
• fireeye / pywintrace

  View on GitHub
  ETW Python Library
  ☆293Aug 11, 2023Updated 2 years ago
• jklepsercyber / defender-detectionhistory-parser

  View on GitHub
  A parser of Windows Defender's DetectionHistory forensic artifact, containing substantial info about quarantined files and executables.
  ☆117Jan 26, 2022Updated 4 years ago
• fireeye / BitsParser

  View on GitHub
  ☆152Jun 5, 2024Updated last year
• airbus-cert / Winshark

  View on GitHub
  A wireshark plugin to instrument ETW
  ☆580Jan 28, 2022Updated 4 years ago
• Velocidex / evtx-data

  View on GitHub
  Publicly shareable windows event log message data
  ☆28Nov 29, 2019Updated 6 years ago
• bsi-group / autorun-logger-server

  View on GitHub
  Server for receiving autorun data from the clients
  ☆13Sep 26, 2017Updated 8 years ago
• ANSSI-FR / DFIR-O365RC

  View on GitHub
  PowerShell module for Office 365 and Azure log collection
  ☆280Sep 22, 2025Updated 6 months ago
• RomanEmelyanov / CobaltStrikeForensic

  View on GitHub
  Toolset for research malware and Cobalt Strike beacons
  ☆211Mar 11, 2025Updated last year
• forensicmatt / RustyReg

  View on GitHub
  Registry to JSON. This Project is for learning purposes and is not maintained.
  ☆12Dec 28, 2021Updated 4 years ago
• GPU virtual machines on DigitalOcean Gradient AI • Ad
  Get to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
• zerber0s / mac_int

  View on GitHub
  macOS Artifact Intelligence Tool
  ☆13Apr 30, 2019Updated 6 years ago
• yarox24 / evtkit

  View on GitHub
  Fix acquired .evt - Windows Event Log files (Forensics)
  ☆18Mar 29, 2016Updated 9 years ago
• target / halogen

  View on GitHub
  Automatically create YARA rules from malicious documents.
  ☆211May 16, 2022Updated 3 years ago
• sumeshi / mft2es

  View on GitHub
  A library for fast parse & import of Windows Master File Table($MFT) into Elasticsearch.
  ☆12Jun 23, 2025Updated 9 months ago
• AndrewRathbun / EventTranscript.db-Research

  View on GitHub
  A repo for centralizing ongoing research on the new Windows 10/11 DFIR artifact, EventTranscript.db.
  ☆44Jul 18, 2022Updated 3 years ago
• ArsenalRecon / SdbaParser

  View on GitHub
  Parser for Sdba memory pool tags
  ☆21Jul 16, 2021Updated 4 years ago
• jdu2600 / Windows10EtwEvents

  View on GitHub
  Events from all manifest-based and mof-based ETW providers across Windows 10 versions
  ☆332May 2, 2024Updated last year
• msuhanov / yarp

  View on GitHub
  Yet another registry parser
  ☆137Apr 15, 2022Updated 3 years ago
• airbus-cert / ttd2mdmp

  View on GitHub
  Extract data of TTD trace file to a minidump
  ☆30Jul 31, 2023Updated 2 years ago
• DigitalOcean Gradient AI Platform • Ad
  Build production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
• kacos2000 / WindowsTimeline

  View on GitHub
  Windows 10 (v1803+) ActivitiesCache.db parsers (SQLite, PowerShell, .EXE)
  ☆196Feb 16, 2023Updated 3 years ago
• mandiant / SilkETW

  View on GitHub
  ☆825Jun 1, 2023Updated 2 years ago
• nccgroup / pybeacon

  View on GitHub
  A collection of scripts for dealing with Cobalt Strike beacons in Python
  ☆169Jan 5, 2021Updated 5 years ago
• ReconInfoSec / rhq

  View on GitHub
  Recon Hunt Queries
  ☆79May 16, 2021Updated 4 years ago
• swisscom / PowerSponse

  View on GitHub
  PowerSponse is a PowerShell module focused on targeted containment and remediation during incident response.
  ☆40Mar 18, 2022Updated 4 years ago
• ydkhatri / Appx-Analysis

  View on GitHub
  Scripts and tools created for appx analysis talk (Magnet summit 2019)
  ☆19Feb 26, 2024Updated 2 years ago
• chaoticmachinery / mass_triage_tools

  View on GitHub
  Mass Triage Tools
  ☆20Mar 10, 2026Updated 2 weeks ago
• airbus-cert / Splunk-ETW

  View on GitHub
  A Splunk Technology Add-on to forward filtered ETW events.
  ☆30Oct 14, 2020Updated 5 years ago
• SecurityJosh / MuteSysmon

  View on GitHub
  A PowerShell script to prevent Sysmon from writing its events
  ☆17Apr 23, 2020Updated 5 years ago
• Virtual machines for every use case on DigitalOcean • Ad
  Get dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
• alwashmi / MasterParser

  View on GitHub
  MasterParser is a simple, all-in-one, digital forensics artifact parser
  ☆24Jul 9, 2021Updated 4 years ago
• airbus-cert / cacdec

  View on GitHub
  The hidden mstsc recorder player
  ☆27Mar 9, 2020Updated 6 years ago
• JPCERTCC / MalConfScan

  View on GitHub
  Volatility plugin for extracts configuration data of known malware
  ☆495Dec 22, 2023Updated 2 years ago
• CrowdStrike / SuperMem

  View on GitHub
  A python script developed to process Windows memory images based on triage type.
  ☆266Nov 25, 2023Updated 2 years ago
• AlecRandazzo / Packrat

  View on GitHub
  Live system forensic collector
  ☆16Jun 8, 2022Updated 3 years ago
• MAECProject / pefile-to-maec

  View on GitHub
  Generate MAEC XML from Ero Carrera's pefile output
  ☆15Mar 6, 2017Updated 9 years ago
• sbousseaden / EVTX-ATTACK-SAMPLES

  View on GitHub
  Windows Events Attack Samples
  ☆2,531Jan 24, 2023Updated 3 years ago