NTFS parser, plus linking capabilities between MFT, LogFile and UsnJrnl
☆38 · Aug 23, 2016 · Updated 9 years ago
Alternatives and similar repositories for ntfs_parse
Users that are interested in ntfs_parse are comparing it to the libraries listed below
- Parser for $LogFile on NTFS ☆215 · Jun 1, 2025 · Updated 8 months ago
- Parser for $UsnJrnl on NTFS ☆120 · Nov 27, 2022 · Updated 3 years ago
- Decode security descriptors in $Secure on NTFS ☆22 · Feb 24, 2022 · Updated 4 years ago
- volatility ☆21 · Nov 16, 2014 · Updated 11 years ago
- Python script to parse the NTFS USN Journal ☆115 · Jul 15, 2022 · Updated 3 years ago
- A test project to try the new win32k.sys system call filtering mitigation in Windows 10 ☆15 · Mar 17, 2019 · Updated 6 years ago
- Assorted documentation, scripts and tools ☆39 · Dec 11, 2025 · Updated 2 months ago
- PowerShell Utilities for Security Situational Awareness ☆13 · Jan 10, 2017 · Updated 9 years ago
- Repository for Windows 10 x64 kernel research, exploitation learning, and reference/supplementary code. ☆14 · Jun 24, 2020 · Updated 5 years ago
- LNK to JSON ☆14 · Mar 7, 2019 · Updated 6 years ago
- Yet another registry parser ☆138 · Apr 15, 2022 · Updated 3 years ago
- Jupyter Notebooks for Cyber Threat Intelligence ☆35 · Sep 14, 2023 · Updated 2 years ago
- A collection of insightful projects for Windows. ☆19 · Sep 30, 2016 · Updated 9 years ago
- SoftICE-like debugger for Windows 2000 and XP. Archived. ☆21 · Dec 23, 2022 · Updated 3 years ago
- Fun with malloc() and free(): PoC implementation, tracing, training deep neural networks ☆14 · May 26, 2017 · Updated 8 years ago
- Registry timestamp manipulation ☆17 · Feb 26, 2014 · Updated 12 years ago
- Help summarize a PCAP file ☆33 · Dec 27, 2011 · Updated 14 years ago
- Supports code generation and SDK functionality for VBS enclaves. ☆23 · Feb 13, 2026 · Updated 2 weeks ago
- An iSCSI demo driver for Windows ☆16 · Sep 21, 2015 · Updated 10 years ago
- C++ helper library for Windows bcrypt, ncrypt and credman ☆21 · Nov 20, 2023 · Updated 2 years ago
- PE file parsing and packing tool ☆18 · Feb 21, 2023 · Updated 3 years ago
- A small "playbook" that could serve as a basis for incident response during a ransomware-type attack ☆21 · Aug 30, 2022 · Updated 3 years ago
- Golang fanotify example ☆26 · Feb 29, 2024 · Updated last year
- Analysis of syscall sequence pattern from exploit codes for advanced system call sequence filtering for enhanced container security ☆16 · May 21, 2023 · Updated 2 years ago
- analyzeMFT.py is designed to fully parse the MFT file from an NTFS filesystem and present the results as accurately as possible in multip… ☆522 · Aug 13, 2025 · Updated 6 months ago
- Windows disk filter driver to demonstrate sector write redirection ☆42 · Dec 4, 2013 · Updated 12 years ago
- Fix acquired .evt - Windows Event Log files (Forensics) ☆18 · Mar 29, 2016 · Updated 9 years ago
- Forensic Scanner ☆41 · Nov 29, 2012 · Updated 13 years ago
- A WDM Windows driver to issue IO to storage devices with asynchronous multithreaded processing ☆21 · Aug 28, 2016 · Updated 9 years ago
- Take back control of Windows Code Integrity, no exploits or patching required! Requires that you control your own Platform Key (PK). ☆52 · Aug 22, 2022 · Updated 3 years ago
- Tool suite for inspecting NTFS artifacts. ☆226 · Nov 1, 2023 · Updated 2 years ago
- Clash rules for ChatGPT and others. ☆22 · Feb 3, 2026 · Updated 3 weeks ago
- A Windows Event Processing Utility ☆47 · Feb 21, 2018 · Updated 8 years ago
- SoulExtraction is a Windows driver library for extracting cert information in Windows drivers ☆25 · Feb 12, 2023 · Updated 3 years ago
- Windows WDM driver filters to filter IO to devices and file systems ☆56 · Apr 3, 2017 · Updated 8 years ago
- Go implementation of an Extensible Storage Engine parser ☆32 · Feb 15, 2025 · Updated last year
- A tool for translating Scala source code into readable and maintainable Java code ☆13 · Jan 3, 2026 · Updated last month
- ircollect ☆31 · Aug 7, 2013 · Updated 12 years ago
- Library and tools to access the Volume Shadow Snapshot (VSS) format ☆113 · Dec 20, 2025 · Updated 2 months ago