evtx: A fast (and safe) parser for the Windows XML Event Log (EVTX) format

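Uploader: 42117150 | Upload time: 2024-02-26 23:50:44 | File size: 5.53MB | File type: ZIP

EVTX: a cross-platform parser for the Windows XML EventLog format.

Features:
- Implemented in 100% safe Rust, and runs on all platforms Rust supports (that have stdlib).
- Fast: see the benchmarks below. It is orders of magnitude faster than any other implementation!
- Multi-threaded.
- Supports both XML and JSON output; both are built directly from the token tree and are independent of each other (no xml2json conversion is performed!).
- Supports some basic recovery of missing records/chunks!
- Python bindings are also available at (and on PyPi).

Installation (associated binary utility):
- Download the latest executable release from
- Release versions are built automatically for Windows, macOS and Linux (64-bit executables only).
- Build from source with cargo install evtx

evtx_dump (binary utility):
The main binary utility provided with this crate is evtx_dump, which provides a way to convert .evtx files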

