libyal / libewfLinks
Libewf is a library to access the Expert Witness Compression Format (EWF)
☆278Updated 11 months ago
Alternatives and similar repositories for libewf
Users that are interested in libewf are comparing it to the libraries listed below
Sorting:
- analyzeMFT.py is designed to fully parse the MFT file from an NTFS filesystem and present the results as accurately as possible in multip…☆487Updated last week
- Autopsy Python Plugins☆356Updated 2 months ago
- Extract $MFT record info and log it to a csv file.☆274Updated 9 months ago
- Tool suite for inspecting NTFS artifacts.☆223Updated last year
- Volatility plugins developed and maintained by the community☆365Updated 4 years ago
- Digital Forensics Virtual File System (dfVFS)☆210Updated last week
- An AFF4 C++ implementation.☆206Updated 2 years ago
- Python bindings for The Sleuth Kit (libtsk)☆103Updated this week
- Parser for $LogFile on NTFS☆198Updated 2 months ago
- Pure Python parser for Windows Registry hives.☆431Updated 6 months ago
- Yara integrated software to handle archive file data.☆315Updated 3 years ago
- An NTFS/FAT parser for digital forensics & incident response☆206Updated 8 months ago
- Regipy is an os independent python library for parsing offline registry hives☆258Updated last month
- Volatility profiles for Linux and Mac OS X☆325Updated 2 years ago
- This is the development tree. Production downloads are at:☆1,227Updated 4 months ago
- SIFT☆514Updated last year
- Fuzzy hashing API and fuzzy hashing tool☆734Updated 4 years ago
- AFF is an open and extensible file format to store disk images and associated metadata.☆88Updated 4 months ago
- Script to recover deleted entries in an SQLite database☆191Updated 9 years ago
- DC3 Malware Configuration Parser (DC3-MWCP) is a framework for parsing configuration information from malware. The information extracted …☆327Updated 5 months ago
- Script for automating Linux memory capture and analysis☆270Updated 5 years ago
- Library and tools to access the Volume Shadow Snapshot (VSS) format☆113Updated 11 months ago
- The kernel patch and userspace tools to enable Linux software write blocking☆143Updated 5 years ago
- Library and tools to access the BitLocker Drive Encryption (BDE) encrypted volumes☆235Updated last year
- DFF (Digital Forensics Framework) is a Forensics Framework coming with command line and graphical interfaces. DFF can be used to investig…☆286Updated 5 years ago
- Yet another library library (and tools)☆211Updated 7 months ago
- A framework for orchestrating forensic collection, processing and data export☆325Updated this week
- Digital Forensics artifact repository☆1,144Updated this week
- Command line utility and Python package to ease the (un)mounting of forensic disk images☆124Updated 2 years ago
- Yara Rule Analyzer and Statistics☆376Updated 2 years ago