sumeshi / ntfsdumpLinks
An efficient tool for extracting files, directories, and alternate data streams directly from NTFS image files.
☆21Updated last year
Alternatives and similar repositories for ntfsdump
Users that are interested in ntfsdump are comparing it to the libraries listed below
Sorting:
- An efficient tool for search files, directories, and alternate data streams directly from NTFS image files.☆26Updated last year
- Windows Event Log Knowledge Base☆26Updated 10 months ago
- A library for fast parse & import of Windows Master File Table($MFT) into Elasticsearch.☆11Updated 2 months ago
- ☆25Updated last year
- xlrd2 is a variant of xlrd that is actively maintained☆23Updated last year
- NTFS samples☆25Updated 5 years ago
- Repository of tools, YARA rules, and code-snippets from Stairwell's research team.☆23Updated last year
- Help deobfuscate VBScript☆16Updated 3 years ago
- ☆57Updated 10 months ago
- Collection of tips, tools, arsenal and techniques I've learned during RE and other CyberSecStuff☆57Updated last month
- Library and tools to access the Windows Prefetch File (SCCA) format.☆78Updated 8 months ago
- volatility explorer☆91Updated 4 years ago
- ☆23Updated 10 months ago
- Extract files from NTFS Volume☆32Updated 4 years ago
- A repo that contains a recursive dump from the ROOT key of every Windows Registry hive (using KAPE) from a vanilla (clean) install of eve…☆46Updated 2 years ago
- A powershell parser for https://github.com/ufrisk/MemProcFS☆44Updated 4 years ago
- ☆39Updated last year
- YARA Language Server☆71Updated 3 weeks ago
- This repository contains a variety of plugins and scripts, related to the Volatility framework.☆16Updated 6 months ago
- Timestomper and Timestamp checker with nanosecond accuracy for NTFS volumes☆51Updated 3 years ago
- Scripts and tools created for appx analysis talk (Magnet summit 2019)☆18Updated last year
- Autopsy Module to analyze Registry Hives☆15Updated 3 years ago
- A modular Karton Framework service that unpacks common packers like UPX and others using the Qiling Framework.☆58Updated 4 years ago
- This tool is the result of a reverse engineering process of the Windows service called SysMain. Time to interact with the prefetch files …☆31Updated 4 years ago
- Generates YARA rules to detect malware using API hashing☆17Updated 4 years ago
- Library to process OLE compound file format. This is a work in progress and was initially written for jumplist parsing (for which it does…☆19Updated 6 months ago
- Tools for macOS Forensic Bootable media☆15Updated 5 years ago
- Repository containing malware analysis filters for the Windows SysInternals' - Process Monitor tool☆19Updated 4 years ago
- Utilities for working with vivisect☆25Updated 5 months ago
- SRE - Dissecting Malware for Static Analysis & the Complete Command-line Tool☆54Updated 8 months ago