libyal / libewfLinks
Libewf is a library to access the Expert Witness Compression Format (EWF)
☆288Updated last year
Alternatives and similar repositories for libewf
Users that are interested in libewf are comparing it to the libraries listed below
Sorting:
- analyzeMFT.py is designed to fully parse the MFT file from an NTFS filesystem and present the results as accurately as possible in multip…☆504Updated 2 months ago
- Tool suite for inspecting NTFS artifacts.☆225Updated last year
- Extract $MFT record info and log it to a csv file.☆277Updated last year
- Autopsy Python Plugins☆363Updated 2 months ago
- Parser for $LogFile on NTFS☆205Updated 4 months ago
- Digital Forensics Virtual File System (dfVFS)☆213Updated last week
- Python bindings for The Sleuth Kit (libtsk)☆108Updated last month
- Volatility plugins developed and maintained by the community☆368Updated 4 years ago
- An AFF4 C++ implementation.☆211Updated 2 years ago
- AFF is an open and extensible file format to store disk images and associated metadata.☆91Updated last month
- Pure Python parser for Windows Registry hives.☆435Updated 8 months ago
- Regipy is an os independent python library for parsing offline registry hives☆262Updated last week
- Library and tools to access the BitLocker Drive Encryption (BDE) encrypted volumes☆239Updated last year
- An NTFS/FAT parser for digital forensics & incident response☆212Updated 3 weeks ago
- Library and tools to access the Volume Shadow Snapshot (VSS) format☆113Updated last year
- The kernel patch and userspace tools to enable Linux software write blocking☆147Updated 5 years ago
- Digital Forensics artifact repository☆1,166Updated last week
- SIFT☆519Updated last year
- Script to recover deleted entries in an SQLite database☆192Updated 9 years ago
- Script for automating Linux memory capture and analysis☆272Updated 5 years ago
- Command line utility and Python package to ease the (un)mounting of forensic disk images☆124Updated 2 years ago
- Commandline low level file extractor for NTFS☆303Updated 6 years ago
- Volatility profiles for Linux and Mac OS X☆325Updated 2 years ago
- This is the development tree. Production downloads are at:☆1,274Updated 7 months ago
- Yet another library library (and tools)☆213Updated last month
- DC3 Malware Configuration Parser (DC3-MWCP) is a framework for parsing configuration information from malware. The information extracted …☆335Updated 8 months ago
- DFF (Digital Forensics Framework) is a Forensics Framework coming with command line and graphical interfaces. DFF can be used to investig…☆293Updated 5 years ago
- This repository is a collection of EnScript code samples for use in the OpenText Endpoint Forensic and OpenText Endpoint Investigator app…☆54Updated 3 months ago
- Super timeline all the things☆1,943Updated last week
- Parser for $UsnJrnl on NTFS☆117Updated 2 years ago