log2timeline / Plaso
Licence: apache-2.0
Super timeline all the things
Stars: ✭ 1,055
Programming Languages
python
139335 projects - #7 most used programming language
Projects that are alternatives of or similar to Plaso
WELA
WELA (Windows Event Log Analyzer): The Swiss Army knife for Windows Event Logs! ゑ羅(ウェラ)
Stars: ✭ 442 (-58.1%)
Mutual labels: timeline, forensics
Timesketch
Collaborative forensic timeline analysis
Stars: ✭ 1,795 (+70.14%)
Mutual labels: forensics, timeline
ForensicsTools
A list of free and open forensics analysis tools and other resources
Stars: ✭ 392 (-62.84%)
Mutual labels: timeline, forensics
Adtimeline
Timeline of Active Directory changes with replication metadata
Stars: ✭ 252 (-76.11%)
Mutual labels: forensics, timeline
siemstress
Very basic CLI SIEM (Security Information and Event Management system).
Stars: ✭ 24 (-97.73%)
Mutual labels: parsing, forensics
Adaptivecards
A new way for developers to exchange card content in a common and consistent way.
Stars: ✭ 950 (-9.95%)
Mutual labels: timeline
Gantt Schedule Timeline Calendar
Gantt Gantt Gantt Timeline Schedule Calendar [ javascript gantt, js gantt, projects gantt, timeline, scheduler, gantt timeline, reservation timeline, react gantt, angular gantt, vue gantt, svelte gantt, booking manager ]
Stars: ✭ 990 (-6.16%)
Mutual labels: timeline
Unitystationbumper
Video bumper for Unity's live streaming channel.
Stars: ✭ 28 (-97.35%)
Mutual labels: timeline
Lug
Parsing expression grammar (PEG) embedded domain specific language and parsing machine for C++17
Stars: ✭ 44 (-95.83%)
Mutual labels: parsing
Amt Forensics
Retrieve Intel AMT's Audit Log from a Linux machine without knowing the admin user's password.
Stars: ✭ 37 (-96.49%)
Mutual labels: forensics
Domainname Parser
🏬 .NET domain name parsing library (uses publicsuffix.org)
Stars: ✭ 31 (-97.06%)
Mutual labels: parsing
Timeline
Awesome UI: Timeline with images in Xamarin.Forms.
Stars: ✭ 29 (-97.25%)
Mutual labels: timeline
Got Reload
Reload Go code in a running process at function/method level granularity, using Yaegi
Stars: ✭ 29 (-97.25%)
Mutual labels: parsing
Firefed
🕵️ A tool for Firefox profile analysis, data extraction, forensics and hardening
Stars: ✭ 37 (-96.49%)
Mutual labels: forensics
React Native Parsed Text
Parse text and make them into multiple React Native Text elements
Stars: ✭ 969 (-8.15%)
Mutual labels: parsing
Plaso (Plaso Langar Að Safna Öllu) - super timeline all the things
Plaso (Plaso Langar Að Safna Öllu), or super timeline all the things, is a Python-based engine used by several tools for automatic creation of timelines. Plaso default behavior is to create super timelines but it also supports creating more targeted timelines.
These timelines support digital forensic investigators/analysts, to correlate the large amount of information found in logs and other files found on an average computer.
A longer version
The initial purpose of Plaso was to collect all timestamped events of interest on a computer system and have them aggregated in a single place for computer forensic analysis (aka Super Timeline).
However Plaso has become a framework that supports:
- adding new parsers or parsing plug-ins;
- adding new analysis plug-ins;
- writing one-off scripts to automate repetitive tasks in computer forensic analysis or equivalent.
And is moving to support:
- adding new general purpose parses/plugins that may not have timestamps associated to them;
- adding more analysis context;
- tagging events;
- allowing more targeted approach to the collection/parsing.
Also see
- Homepage
- Downloads
- Documentation
- Contact information:
- Plaso channel on Open Source DFIR Slack community
- Mailing list for general discussions: log2timeline-discuss
- Mailing list for development: log2timeline-dev
Note that the project description data, including the texts, logos, images, and/or trademarks,
for each open source project belongs to its rightful owner.
If you wish to add or remove any projects, please contact us at [email protected].