Extract files from NTFS Volume
☆32May 18, 2021Updated 4 years ago
Alternatives and similar repositories for ntfsdump
Users that are interested in ntfsdump are comparing it to the libraries listed below
- From https://www.codeproject.com/Articles/81456/An-NTFS-Parser-Lib by cyb70289☆25Sep 20, 2018Updated 7 years ago
- Procmonel is Procmon like monitoring system implemented using Microsoft WDK☆12Dec 25, 2019Updated 6 years ago
- Simple utility to watch directory change notifications on a given path☆20Oct 6, 2017Updated 8 years ago
- ETW logging via C++☆21Nov 8, 2019Updated 6 years ago
- Technion CS Ransomware Project: Writing Windows Mini-Filter Driver to protect PC from Ransomware☆37Feb 11, 2021Updated 5 years ago
- NTFS parser, plus linking capabilities between MFT LogFile and UsnJrnl☆38Aug 23, 2016Updated 9 years ago
- Demonstrate the new FileDispositionInfoEx behavior☆15Nov 6, 2017Updated 8 years ago
- A tool to investigate the Windows device manager☆13Feb 12, 2019Updated 7 years ago
- Virtual Trust Level (VTL 1) secure call tracing☆103Feb 12, 2026Updated 2 weeks ago
- Automatically exported from code.google.com/p/hf-2011☆15Feb 12, 2016Updated 10 years ago
- What makes it page☆17Aug 24, 2022Updated 3 years ago
- A minifilter driver for detecting and blocking ransomware virus☆27Mar 4, 2018Updated 7 years ago
- Apply a filter to the events being reported by windows event logging☆15Sep 10, 2020Updated 5 years ago
- ETW forensic tool for Volatility3 plugin☆17Nov 15, 2024Updated last year
- File encryption based on DES and blowfish☆15May 29, 2025Updated 9 months ago
- Hook system calls in user mode☆12Jan 27, 2022Updated 4 years ago
- An experimental dynamic malware unpacker based on Intel Pin and PE-sieve☆63Aug 21, 2024Updated last year
- An API Monitor based on Instrumentation☆43Dec 19, 2017Updated 8 years ago
- Example WDF/KMDF driver and test app demonstrating the "inverted call model"☆37May 1, 2020Updated 5 years ago
- AMx64 is a simulated 64-bit environment that can interpret nasm-like asm code. It allows a usage of different 64-bit registers and 64-bit…☆21Dec 22, 2023Updated 2 years ago
- Dumping LSA secrets: a story about task decorrelation☆14Jul 9, 2024Updated last year
- Fix VMProtect 3.xx (tested 3.0.9 to 3.5.0)☆18Feb 1, 2022Updated 4 years ago
- JavaScript extension of WinDbg for hackers.☆18Jun 27, 2023Updated 2 years ago
- Dumps information about all the callback objects found in a dump file and the functions registered for them☆37Oct 21, 2020Updated 5 years ago
- Simple command line version of Sysinternals WinObj. Currently just lists object names and types given an object manager directory.☆22Sep 4, 2023Updated 2 years ago
- x64dbg scripts for finding OEP of packers☆15Oct 22, 2018Updated 7 years ago
- Unicorn PE function runner☆59Jul 4, 2017Updated 8 years ago
- Easy Transparent Encrypted File System Based on Minifilter File System Driver☆35Feb 23, 2026Updated last week
- VCL-based UI components for system tools that use NtUtilsLibrary☆21Nov 20, 2025Updated 3 months ago
- IDA Pro plugin to enhance the 'g' keyboard shortcut☆47Jul 24, 2023Updated 2 years ago
- NT File System (NTFS) recovery tool☆22Jul 30, 2020Updated 5 years ago
- Windows kernel SSDT hook demo☆16Nov 5, 2018Updated 7 years ago
- Windows API tracer for malware (oldname: unitracer)☆120Oct 16, 2017Updated 8 years ago
- Reverse engineering the Avira antivirus driver: avdevprot☆24Dec 3, 2017Updated 8 years ago
- An open source library for operating the Windows Overlay Filter driver.☆22Jan 16, 2019Updated 7 years ago