diff --git a/pkgs/development/python-modules/evtx/default.nix b/pkgs/development/python-modules/evtx/default.nix
new file mode 100644
index 00000000000..1348282f98d
--- /dev/null
+++ b/pkgs/development/python-modules/evtx/default.nix
@@ -0,0 +1,48 @@
+{ lib
+, buildPythonPackage
+, fetchFromGitHub
+, pytestCheckHook
+, pythonOlder
+, rustPlatform
+}:
+
+buildPythonPackage rec {
+  pname = "evtx";
+  version = "0.7.3";
+  format = "pyproject";
+
+  disabled = pythonOlder "3.6";
+
+  src = fetchFromGitHub {
+    owner = "omerbenamram";
+    repo = "pyevtx-rs";
+    rev = version;
+    sha256 = "sha256-59iEmgF1m+Yr5k4oxZGqMs5oMZxToUFYuwQDeLEQ2jY=";
+  };
+
+  cargoDeps = rustPlatform.fetchCargoTarball {
+    inherit src;
+    name = "${pname}-${version}";
+    sha256 = "sha256-Q2SpJohLSQCMYmx1ZMWZ7a/NC0lPsHkwxom00qVooNM=";
+  };
+
+  nativeBuildInputs = with rustPlatform; [
+    cargoSetupHook
+    maturinBuildHook
+  ];
+
+  checkInputs = [
+    pytestCheckHook
+  ];
+
+  pythonImportsCheck = [
+    "evtx"
+  ];
+
+  meta = with lib; {
+    description = "Bindings for evtx";
+    homepage = "https://github.com/omerbenamram/pyevtx-rs";
+    license = with licenses; [ mit ];
+    maintainers = with maintainers; [ fab ];
+  };
+}
diff --git a/pkgs/tools/security/evtx/default.nix b/pkgs/tools/security/evtx/default.nix
new file mode 100644
index 00000000000..51f706598fa
--- /dev/null
+++ b/pkgs/tools/security/evtx/default.nix
@@ -0,0 +1,31 @@
+{ lib
+, stdenv
+, fetchFromGitHub
+, rustPlatform
+}:
+
+rustPlatform.buildRustPackage rec {
+  pname = "evtx";
+  version = "0.7.2";
+
+  src = fetchFromGitHub {
+    owner = "omerbenamram";
+    repo = pname;
+    rev = "v${version}";
+    hash = "sha256-T165PZhjuX5tUENZoO6x1u2MpMQTfv9dGRmxyNY2ACg=";
+  };
+
+  cargoSha256 = "sha256-qcjJoXB0DV1Z5bhGrtyJzfWqE+tVWBOYMJEd+MWFcD8=";
+
+  postPatch = ''
+    # CLI tests will fail in the sandbox
+    rm tests/test_cli_interactive.rs
+  '';
+
+  meta = with lib; {
+    description = "Parser for the Windows XML Event Log (EVTX) format";
+    homepage = "https://github.com/omerbenamram/evtx";
+    license = with licenses; [ asl20 /* or */ mit ];
+    maintainers = with maintainers; [ fab ];
+  };
+}
diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix
index 8fe1c79cf7e..4e3e5abeab1 100644
--- a/pkgs/top-level/all-packages.nix
+++ b/pkgs/top-level/all-packages.nix
@@ -5382,6 +5382,8 @@ with pkgs;
 
   evil-winrm = callPackage ../tools/security/evil-winrm { };
 
+  evtx = callPackage ../tools/security/evtx { };
+
   luckybackup = libsForQt5.callPackage ../tools/backup/luckybackup {
     ssh = openssh;
   };
diff --git a/pkgs/top-level/python-packages.nix b/pkgs/top-level/python-packages.nix
index 5817183b8a6..e25479f91e8 100644
--- a/pkgs/top-level/python-packages.nix
+++ b/pkgs/top-level/python-packages.nix
@@ -2773,6 +2773,8 @@ in {
 
   evohome-async = callPackage ../development/python-modules/evohome-async { };
 
+  evtx = callPackage ../development/python-modules/evtx { };
+
   ewmh = callPackage ../development/python-modules/ewmh { };
 
   exdown = callPackage ../development/python-modules/exdown { };