EN
ENNA

Plaso (log2timeline)

Apache-2.0

🔬 Digital Forensics · Python

Plaso (log2timeline) is a super timeline creation engine that extracts timestamps from multiple forensic artifact sources into a single timeline. It supports a wide range of log and artifact formats, facilitating comprehensive forensic analysis. Written in Python, Plaso is widely used in digital forensics for its ability to correlate events from diverse data sources, providing a unified view of system activities over time.

2.0kstars
411forks
321issues
Updated 1mo ago
View on GitHubOfficial Website

Installation

$ pip install plaso

Tags

timelinelog-analysisartifactsuper-timelineforensicsparsing

Details

Category
🔬 Digital Forensics
Language
Python
License
Apache-2.0
Platforms
🐧linux🍎macos🪟windows

Links

GitHub Repository

github.com/log2timeline/plaso

Official Website

plaso.readthedocs.io

Releases

github.com/log2timeline/plaso/releases

Issues

github.com/log2timeline/plaso/issues

Sponsored

Your ad here

Reach security professionals and developers — ads@en-na.com

More in Digital Forensics

Volatility 3

Python

Advanced memory forensics framework. Extracts artifacts from RAM dumps — processes, network connections, registry.

memoryram-dumpartifact-extraction

Autopsy

Java

Digital forensics platform with GUI. Disk image analysis, timeline analysis, keyword search, hash filtering.

disk-forensicsguitimeline

Ghidra

Java

NSA's reverse engineering framework. Disassembly, decompilation, graphing, and scripting for binary analysis.

reverse-engineeringdecompilerbinary-analysis

Binwalk

Python

Firmware analysis tool. Searches binary images for embedded files, executables, and file systems.

firmwarebinaryextraction

YARA

C

Pattern matching swiss knife for malware researchers. Create rules to identify and classify malware samples.

malwarepattern-matchingrules

Velociraptor

Go

Endpoint visibility and collection tool. Hunt for artifacts across thousands of endpoints simultaneously.

endpointhuntingdfir