ntfstool
NTFS analyzer
A forensic tool for analyzing NTFS volumes and decrypting encrypted files
Forensics tool for NTFS (parser, mft, bitlocker, deleted files)
485 stars
23 watching
98 forks
Language: C++
last commit: over 1 year ago bitlockerbtreecompresseddiskefsfvegptlogfilembrmftntfsparserreparsesmartsparseundeleteusnvbrvmkvss
Related projects:
Repository | Description | Stars |
---|---|---|
| A Python library for analyzing and working with NTFS file systems. | 81 |
| A digital forensics tool for parsing and analyzing NTFS/FAT file systems. | 196 |
| Analyzes and processes NTFS file system data to extract timeline information and run YARA rules for malware detection. | 12 |
| Analyzes network traffic data from captured packets to extract and decode specific protocols and information. | 183 |
| A tool suite for parsing NTFS artifacts and extracting information from INDX files. | 215 |
| A network forensic analysis tool that extracts content from communication protocols and visualizes it in various ways | 38 |
| A multi-threaded GUI forensic analysis tool for Linux | 48 |
| A tool to analyze and visualize file system usage in various formats | 827 |
| A Dissect module implementing a parser for the NTFS file system used by Windows operating systems | 8 |
| A tool for extracting network metadata and fingerprints from packet capture files or live network traffic. | 661 |
| A tool that uses various tests to identify and analyze encrypted files on a filesystem. | 52 |
| A Dissect module parsing VMFS file system structure and layout | 3 |
| A tool to analyze and reconstruct damaged file systems | 549 |
| A Dissect module implementing a parser for the XFS file system, commonly used by RedHat Linux distributions. | 2 |
| Tool to parse and extract information from NTFS Master File Table (MFT) files. | 14 |