ntfstool

NTFS analyzer

A forensic tool for analyzing NTFS volumes and decrypting encrypted files

Forensics tool for NTFS (parser, mft, bitlocker, deleted files)

GitHub

478 stars

23 watching

96 forks

Language: C++

last commit: over 1 year ago

bitlockerbtreecompresseddiskefsfvegptlogfilembrmftntfsparserreparsesmartsparseundeleteusnvbrvmkvss

Related projects:

Repository	Description	Stars
williballenthin/python-ntfs	A Python library for analyzing and working with NTFS file systems.	80
msuhanov/dfir_ntfs	A digital forensics tool for parsing and analyzing NTFS/FAT file systems.	191
kero99/mftmactime	Analyzes and processes NTFS file system data to extract timeline information and run YARA rules for malware detection.	12
xplico/xplico	Analyzes network traffic data from captured packets to extract and decode specific protocols and information.	182
williballenthin/indxparse	A tool suite for parsing NTFS artifacts and extracting information from INDX files.	216
nesfit/netfoxdetective	A network forensic analysis tool that extracts content from communication protocols and visualizes it in various ways	38
pjrinaldi/wombatforensics	A multi-threaded GUI forensic analysis tool for Linux	47
nachoparker/dutree	A tool to analyze and visualize file system usage in various formats	828
fox-it/dissect.ntfs	A parser for the NTFS file system used in Windows operating systems	8
0x4d31/fatt	A tool for extracting network metadata and fingerprints from packet capture files or live network traffic.	656
antagon/tchunt-ng	A tool that uses various tests to identify and analyze encrypted files on a filesystem.	52
fox-it/dissect.vmfs	A Python module implementing a parser for the VMFS file system used by VMware virtualization software.	3
lazza/recuperabit	A tool to analyze and reconstruct damaged file systems	542
fox-it/dissect.xfs	A parser for the XFS file system used by RedHat Linux distributions.	2
aarsakian/mftextractor	Tool to parse and extract information from NTFS Master File Table (MFT) files.	14