Forensic Analysis Tool for Btrfs File System.
☆20Aug 6, 2018Updated 7 years ago
Alternatives and similar repositories for btrForensics
Users that are interested in btrForensics are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Repo with supporting material for the talk titled "Cracking the Beacon: Automating the extraction of implant configurations"☆11Feb 6, 2025Updated last year
- Python pcap sanitizer☆22Sep 2, 2022Updated 3 years ago
- A lightweight C++/C AFF4 reader library☆14Feb 5, 2026Updated last month
- Library and tools to access the Windows SuperFetch database format☆13Nov 29, 2025Updated 3 months ago
- Python library for parsing AccessData AD1 images☆34Jun 1, 2023Updated 2 years ago
- PoC Reverse Text segment ELF File infector☆14Feb 28, 2020Updated 6 years ago
- Registry to JSON. This Project is for learning purposes and is not maintained.☆12Dec 28, 2021Updated 4 years ago
- Various scrips☆12Oct 19, 2022Updated 3 years ago
- Discover potential timestamps within the Windows Registry☆19Apr 22, 2014Updated 11 years ago
- Python script to pull various IOCs from PDFs☆15Dec 22, 2014Updated 11 years ago
- Parser for Sdba memory pool tags☆21Jul 16, 2021Updated 4 years ago
- Learning a bit of assembly programming☆13Mar 23, 2015Updated 11 years ago
- ☆16Jul 21, 2018Updated 7 years ago
- Decode security descriptors in $Secure on NTFS☆22Feb 24, 2022Updated 4 years ago
- List BTRFS subvolume and snapshot sizes with paths like df☆11Mar 17, 2024Updated 2 years ago
- Quick script to build host or investigation timelines using Carbon Black Response☆12Sep 25, 2018Updated 7 years ago
- ZYTOKINE STORM is a user-mode Linux binary translation layer targeting Darwin☆16Mar 22, 2015Updated 11 years ago
- Library and tools to access the GUID Partition Table (GPT) volume system format☆11Dec 20, 2025Updated 3 months ago
- Registry timestamp manipulation☆18Feb 26, 2014Updated 12 years ago
- Tool used for converting Linux Kernel time jiffies, from iptables xt_recent timestamps, to human datetime☆13Feb 16, 2021Updated 5 years ago
- Compute memory usage of a piece of software with strace.☆11Sep 17, 2019Updated 6 years ago
- Nohidy the system admins best friend, multi platform auditing tool☆14Feb 6, 2018Updated 8 years ago
- Analyze and manipulate binary data based on ELF symbol tables☆20Apr 3, 2024Updated last year
- Static Feature Extraction & Selection (used in conjunction with the MASTIFF framework)☆16Oct 19, 2016Updated 9 years ago
- Log Examination Tool☆27Oct 11, 2016Updated 9 years ago
- A zero dependency and customizable Python library for scanning Windows and Linux process memory.☆66Feb 1, 2024Updated 2 years ago
- Library and tools to access the Master Boot Record (MBR) volume system format☆14Dec 21, 2025Updated 3 months ago
- macos-collector - Automated Collection of macOS Forensic Artifacts for DFIR☆37Mar 16, 2026Updated last week
- This project has been done with Chen as part of system security course at SBU CS.☆12Dec 14, 2014Updated 11 years ago
- a dumb protocol-unaware packet fuzzer/replayer☆24Dec 31, 2017Updated 8 years ago
- ☆12Nov 17, 2014Updated 11 years ago
- Library and tools to access the Extended File System☆18Feb 1, 2026Updated last month
- ReviveIT (revit) is a proof of concept file recovery tool (carver)☆13Dec 3, 2020Updated 5 years ago
- rename☆19Jul 19, 2017Updated 8 years ago
- Python web app for previewing data in a Chrome Profile Folder☆24Jul 1, 2024Updated last year
- Kernel function hooking using exception tables☆28Jun 15, 2018Updated 7 years ago
- Python implementation of pattern_create and pattern_offset from Metasploit Framework☆18Sep 12, 2019Updated 6 years ago
- CLI Tools to open, extract and mount FTK Imager's AccessData AD1 forensic images on linux.☆19May 27, 2025Updated 9 months ago
- a simple Makefile template for small-medium C/C++ projects☆14Jul 26, 2016Updated 9 years ago