Alternatives and similar repositories for NtfsFileExtractor

Users that are interested in NtfsFileExtractor are comparing it to the libraries listed below

• jschicht / SetRegTime
  Registry timestamp manipulation
  ☆17Updated 11 years ago
• jschicht / PowerMft
  Powerful commandline $MFT record editor.
  ☆24Updated 9 years ago
• EricZimmerman / RegistryExplorerBookmarks
  Registry Explorer bookmark definitions
  ☆43Updated 6 months ago
• kacos2000 / Win10LiveInfo
  Windows 10 Live Information viewer
  ☆36Updated 3 years ago
• ArsenalRecon / SdbaParser
  Parser for Sdba memory pool tags
  ☆18Updated 3 years ago
• log2timeline / dfimagetools
  Collection of tools for processing storage media images
  ☆14Updated 6 months ago
• AndrewRathbun / VanillaWindowsRegistryHives
  A repo that contains a recursive dump from the ROOT key of every Windows Registry hive (using KAPE) from a vanilla (clean) install of eve…
  ☆46Updated 2 years ago
• dhondta / AppmemDumper
  Forensics triage tool relying on Volatility and Foremost
  ☆26Updated last year
• forensicmatt / PyWindowsThingies
  Windows Thingies in Python for live use.
  ☆24Updated 6 years ago
• log2timeline / dfdatetime
  Digital Forensics date and time
  ☆24Updated 6 months ago
• Beercow / walitean
  ☆11Updated 6 years ago
• ArsenalRecon / GmailURLDecoder
  Gmail URL Decoder is an Open Source Python tool that can be used against plaintext or arbitrary raw data files in order to find, extract,…
  ☆57Updated 5 years ago
• janstarke / regview
  Offline-viewer for registry files
  ☆11Updated 2 months ago
• jschicht / ExtractUsnJrnl
  Tool to extract the $UsnJrnl from an NTFS volume
  ☆107Updated 5 years ago
• log2timeline / dfwinreg
  Digital Forensics Windows Registry (dfWinReg)
  ☆52Updated 6 months ago
• DissectMalware / xlrd2
  xlrd2 is a variant of xlrd that is actively maintained
  ☆23Updated 11 months ago
• msuhanov / winmem_decompress
  Extract compressed memory pages from page-aligned data
  ☆45Updated 6 years ago
• 4n6ist / bulk_extractor-rec
  It is based on bulk_extractor (https://github.com/simsong/bulk_extractor) and add scanners for record carving
  ☆39Updated 5 years ago
• msuhanov / regf-samples
  Windows registry samples
  ☆23Updated 6 years ago
• libyal / reviveit
  ReviveIT (revit) is a proof of concept file recovery tool (carver)
  ☆12Updated 4 years ago
• randomaccess3 / 4n6_stuff
  Git for me to put all my forensics stuff
  ☆22Updated 5 months ago
• AlecRandazzo / Packrat
  Live system forensic collector
  ☆16Updated 3 years ago
• jschicht / Secure2Csv
  Decode security descriptors in $Secure on NTFS
  ☆20Updated 3 years ago
• EricZimmerman / USBDevices
  Get USB Devices from Registry hives
  ☆21Updated 3 years ago
• EricZimmerman / TLEFilePlugins
  Plugins for parsing CSV files in Timeline Explorer. This project allows for anyone to add more supported files (i,e. they get a Line #/ta…
  ☆26Updated 2 months ago
• jschicht / MftCarver
  Carve $MFT records from a chunk of data (for instance a memory dump)
  ☆16Updated 8 years ago
• cclgroupltd / chrome-profile-view
  Python web app for previewing data in a Chrome Profile Folder
  ☆22Updated last year
• cyb3rfox / MFTEntryCarver
  Carve files for MFT entries (eg. blkls output or memory dumps). Recovers filenames (long & short), timestamps ($STD & $FN) and data if re…
  ☆21Updated 6 years ago
• halpomeranz / dfis
  Digital Forensic Investigative Scripts
  ☆81Updated 2 months ago
• mattifestation / MSFTTraceMessageFormat
  All TMF files that I extracted from Microsoft PDBs.
  ☆13Updated 6 years ago