sumeshi / ntfsdumpLinks
An efficient tool for extracting files, directories, and alternate data streams directly from NTFS image files.
☆21Updated last year
Alternatives and similar repositories for ntfsdump
Users that are interested in ntfsdump are comparing it to the libraries listed below
Sorting:
- An efficient tool for search files, directories, and alternate data streams directly from NTFS image files.☆26Updated last year
- Windows Event Log Knowledge Base☆25Updated 8 months ago
- Rekall Memory Forensic Framework☆32Updated 5 years ago
- ETW forensic tool for Volatility3 plugin☆15Updated 7 months ago
- Library for Windows XML Event Log (EVTX) data types☆18Updated 9 months ago
- ☆28Updated 7 months ago
- DeepToad is a library and a tool to clusterize similar files using fuzzy hashing☆20Updated 5 years ago
- Scripts and tools created for appx analysis talk (Magnet summit 2019)☆16Updated last year
- A library for fast parse & import of Windows Master File Table($MFT) into Elasticsearch.☆11Updated this week
- xlrd2 is a variant of xlrd that is actively maintained☆23Updated 10 months ago
- ☆25Updated last year
- ☆24Updated 5 years ago
- Parser for Sdba memory pool tags☆18Updated 3 years ago
- ☆9Updated 5 years ago
- ☆22Updated 8 months ago
- ☆22Updated 4 years ago
- A tool to assist in analysis of packed HelloKitty ransomware binaries☆11Updated 3 years ago
- Tools for macOS Forensic Bootable media☆15Updated 5 years ago
- Collection Of Scripts And Utilities For Windows Event Hunting☆18Updated 5 years ago
- Tools for analyzing Windows containers and break container's isolation☆31Updated 2 years ago
- Utilities for working with vivisect☆25Updated 3 months ago
- Slides from various conference talks☆37Updated 2 years ago
- Help deobfuscate VBScript☆15Updated 2 years ago
- ☆57Updated 8 months ago
- .NET deobfuscator and unpacker (with a control flow unflattener for DoubleZero added).☆29Updated 3 years ago
- An IDA plugin to deal with Event Tracing for Windows (ETW)☆55Updated 2 years ago
- Tool for analysis of Windows Prefetch files☆26Updated 6 years ago
- Currently proof-of-concept☆17Updated 3 years ago
- Autopsy Module to analyze Registry Hives☆15Updated 3 years ago
- Authenticode-parser is a simple C library for Authenticode format parsing using OpenSSL.☆18Updated last year