-
root@kali:/home/kali/Desktop/APT-Hunter# python3 -m pip install -r requirements.txt
Collecting evtx
Using cached evtx-0.6.8.tar.gz (2.2 kB)
ERROR: Command errored out with exit status 1:
…
-
**Description of problem:**
We are analyzing a few memory dumps using `volatility3`. So far we were able to extract several Windows Event Logs, Registry hives and several other IOCs from the memory d…
-
I could not get python autocomplete to work properly, even though I have installed the following Packages (using zypper, not pip, because I had multiple breakages of pip before that made updating/un…
-
Tested on Windows 10 19042 and Windows Server 2012, I want to use ETW to log the clear-log event (1102), but it doesn't work.
The target provider is Microsoft-Windows-Eventlog, corresponding to GUID `{F…
-
Ok, probably someone already had this issue, but when I touch the osu! lazer direct access it doesn't open, just as if I didn't click it. I also tried opening the exe directly and still nothing.
Sometimes I…
Palxz updated
3 years ago
-
When you refer to the use of "Active Directory logs" - do you mean security.evtx from domain controllers _only_?
Or do you mean security.evtx from all domain-joined servers?
The reason I ask is be…
-
Hi Guys!!
To separate code and data, it's awesome to color the help in the terminal (wt, vscode, etc.). With ANSI escape sequences we emphasize the important points and color code in the sect…
-
Per https://github.com/libyal/winevt-kb/issues/10 request to keep winevt-kb tooling and plaso closely synced. Best approach is to have the functionality to extract Windows EventLog resources embedded …
-
Dear,
With the minute patch in place where a b is inserted on line 25, I now run into unexpected output.
INFO:process-forest.global:using evtx log file
DEBUG:Evtx.Evtx:FILE HEADER at 0x0.
DEBUG…
-
Hi, first of all an awesome job. I've been trying to use https://github.com/sbousseaden/EVTX-ATTACK-SAMPLES for testing but unfortunately I was not able to do it. What would be the correct approach, i…