Extract files from NTFS Volume
☆32May 18, 2021Updated 4 years ago
Alternatives and similar repositories for ntfsdump
Users that are interested in ntfsdump are comparing it to the libraries listed below
Sorting:
- NTFS parser, plus linking capabilites between MFT LogFile and UsnJrnl☆38Aug 23, 2016Updated 9 years ago
- Procmonel is Procmon like monitoring system implemented using Microsoft WDK☆13Dec 25, 2019Updated 6 years ago
- From https://www.codeproject.com/Articles/81456/An-NTFS-Parser-Lib by cyb70289☆26Sep 20, 2018Updated 7 years ago
- Apply a filter to the events being reported by windows event logging☆15Sep 10, 2020Updated 5 years ago
- Simple utility to watch directory change notifications on a given path☆20Oct 6, 2017Updated 8 years ago
- ☆58Feb 27, 2026Updated 3 weeks ago
- Demonstrate the new FileDispositionInfoEx behavior☆15Nov 6, 2017Updated 8 years ago
- ☆14Oct 5, 2019Updated 6 years ago
- A minimal safe version of mimikatz to only allow the export of non-exportable Windows certificates☆26Sep 23, 2018Updated 7 years ago
- 📔 Linux NTFS Documentation☆27Feb 6, 2025Updated last year
- Copy of the libewf source code that is configured for a 64-bit MS Visual Studio build.☆17Aug 17, 2020Updated 5 years ago
- Virtual Trust Level (VTL 1) secure call tracing☆103Feb 12, 2026Updated last month
- analyzeMFT.py is designed to fully parse the MFT file from an NTFS filesystem and present the results as accurately as possible in multip…☆527Aug 13, 2025Updated 7 months ago
- Dumps information about all the callback objects found in a dump file and the functions registered for them☆38Oct 21, 2020Updated 5 years ago
- An efficient tool for extracting files, directories, and alternate data streams directly from NTFS image files.☆22Mar 12, 2026Updated last week
- Library and tools to access the Windows New Technology File System (NTFS)☆227Feb 8, 2026Updated last month
- A tool to investigate the Windows device manager☆13Feb 12, 2019Updated 7 years ago
- Windows RPC example calling stubs generated from MS-LSAT and MS-LSAD☆28Jan 4, 2024Updated 2 years ago
- Unicorn PE function runner☆59Jul 4, 2017Updated 8 years ago
- ☆26May 31, 2019Updated 6 years ago
- Technion CS Ransomware Project: Writing Windows Mini-Filter Driver to protect PC from Ransomware☆37Feb 11, 2021Updated 5 years ago
- An experimental dynamic malware unpacker based on Intel Pin and PE-sieve☆63Aug 21, 2024Updated last year
- Fix VMProtect 3.xx (tested 3.0.9 to 3.5.0)☆18Feb 1, 2022Updated 4 years ago
- An API Monitor based on Instrumentation☆43Dec 19, 2017Updated 8 years ago
- Automatically exported from code.google.com/p/hf-2011☆15Feb 12, 2016Updated 10 years ago
- Crystal Anti-Exploit Protection 2012☆37May 31, 2020Updated 5 years ago
- Easy Transparent Encrypted File System Based on Minifilter File System Driver☆35Feb 23, 2026Updated last month
- AMx64 is a simulated 64-bit environment that can interpret nasm-like asm code. It allows a usage of different 64-bit registers and 64-bit…☆21Dec 22, 2023Updated 2 years ago
- javascript extension of windbg for hacker.☆18Jun 27, 2023Updated 2 years ago
- What makes it page☆17Aug 24, 2022Updated 3 years ago
- Released alongside with a talk at REcon 2023, TheRestarter is an interactive command-line tool is designed to interact with the Windows …☆15Jun 8, 2023Updated 2 years ago
- A minifilter driver for detecting and blocking ransomware virus☆27Mar 4, 2018Updated 8 years ago
- Example WDF/KMDF driver and test app demonstrating the "inverted call model"☆37May 1, 2020Updated 5 years ago
- A class to gather information about a process, its threads and modules.☆23Mar 23, 2020Updated 5 years ago
- Cross-platform driver for the USB 3 xHCI Debug Capability☆20Oct 21, 2021Updated 4 years ago
- ☆14Aug 24, 2020Updated 5 years ago
- Copy-on-write fork()-like memory dump using Process Snapshotting APIs☆13Jul 23, 2017Updated 8 years ago
- VCL-based UI components for system tools that use NtUtilsLibrary☆21Mar 4, 2026Updated 2 weeks ago
- Stop Windows Defender using the Win32 API☆192Feb 2, 2022Updated 4 years ago