INDXParse
NTFS parser
A tool suite for parsing NTFS artifacts and extracting information from INDX files.
Tool suite for inspecting NTFS artifacts.
215 stars
21 watching
42 forks
Language: Python
last commit: about 2 years ago
Linked from 1 awesome list
shadawck/awesome-anti-forensicRelated projects:
| Repository | Description | Stars |
|---|---|---|
| williballenthin/python-ntfs | A Python library for analyzing and working with NTFS file systems. | 81 |
 fox-it/dissect.ntfs | A Dissect module implementing a parser for the NTFS file system used by Windows operating systems | 8 |
| williballenthin/python-evtx | A Python module for parsing Windows Event Log files (.evtx) into structured data | 732 |
| williballenthin/shellbags | This tool helps reconstruct user activities by parsing Windows Registry data. | 151 |
 nxparser/nxparser | A Java-based parser for RDF serializations and other formats | 20 |
 thewhiteninja/ntfstool | A forensic tool for analyzing NTFS volumes and decrypting encrypted files | 485 |
| williballenthin/python-evt | A Python module for parsing classic Windows Event Log files (.evt) | 49 |
| williballenthin/python-idb | A library that provides read-only access to internal structures of IDA Pro databases and analyzes logical elements from these structures | 461 |
 msuhanov/dfir_ntfs | A digital forensics tool for parsing and analyzing NTFS/FAT file systems. | 196 |
 dtenny/rexxparse | A string parsing tool inspired by the REXX PARSE construct. | 11 |
 aarsakian/mftextractor | Tool to parse and extract information from NTFS Master File Table (MFT) files. | 14 |
 poorbillionaire/usn-journal-parser | A Python script to parse the NTFS USN journal and extract metadata changes for forensic analysis. | 108 |
 rurik/java_idx_parser | Analyzes the structure and content of Java Cache IDX files to extract relevant information about malware origins and infection vectors. | 39 |
 willdoescode/nat | A command-line tool for displaying file metadata and permissions in a user-friendly format | 1,273 |
 seamusabshere/remote_table | A Ruby library that reads and parses various file formats, including XLSX, XLS, ODS, CSV, TSV, and Google Docs, returning tabular data as arrays or hashes. | 226 |