From 19c7e65714e3f5e515283f54aa253c84076095a2 Mon Sep 17 00:00:00 2001
From: pe3zx <pe3zx@users.noreplay.github.com>
Date: Mon, 5 Feb 2018 21:25:12 +0700
Subject: [PATCH] [Tools][DFIR]: Add williballenthin/EVTXtract

---
 README.md | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/README.md b/README.md
index 5fe7c3c..4eaef57 100644
--- a/README.md
+++ b/README.md
@@ -834,7 +834,7 @@ My curated list of awesome links, resources and tools
     </tr>
     <tr>
         <td><a href="https://www.sleuthkit.org/">The Sleuth Kit</a></td>
-        <td>https://www.sleuthkit.org/</td>
+        <td>sleuthkit.org is the official website for The Sleuth Kit®, Autopsy®, and other open source digital investigation tools. From here, you can find documents, case studies, and download the latest versions of the software.</td>
     </tr>
     <tr>
         <td>
@@ -852,6 +852,10 @@ My curated list of awesome links, resources and tools
             "Security Incidents In A Box!" A modular, menu-driven, cross-platform tool for building customized, time-delayed, distributed security events. Easily create custom event chains for Blue Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support and scale their operations. Build event sequence…
         </td>
     </tr>
+    <tr>
+        <td><a href="https://github.com/williballenthin/EVTXtract">williballenthin/EVTXtract</a></td>
+        <td>EVTXtract recovers and reconstructs fragments of EVTX log files from raw binary data, including unallocated space and memory images.</td>
+    </tr>
 </table>
 
 ### Exploits