sumeshi/ntfsfind external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

sumeshi/ntfsfind

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/sumeshi/ntfsfind)

Close

sumeshi / ntfsfindView on GitHubMore

• External links
• Readme badge

An efficient tool for search files, directories, and alternate data streams directly from NTFS image files.

☆28Feb 21, 2026Updated last week

Alternatives and similar repositories for ntfsfind

Users that are interested in ntfsfind are comparing it to the libraries listed below

• sumeshi / ntfsdump

  View on GitHub
  An efficient tool for extracting files, directories, and alternate data streams directly from NTFS image files.
  ☆22Feb 21, 2026Updated last week
• sumeshi / mft2es

  View on GitHub
  A library for fast parse & import of Windows Master File Table($MFT) into Elasticsearch.
  ☆12Jun 23, 2025Updated 8 months ago
• ydkhatri / jarp

  View on GitHub
  Just Another broken Registry Parser (JARP)
  ☆16May 23, 2024Updated last year
• Beercow / walitean

  View on GitHub
  ☆11Aug 3, 2018Updated 7 years ago
• ydkhatri / macOS_FE

  View on GitHub
  Tools for macOS Forensic Bootable media
  ☆15May 20, 2020Updated 5 years ago
• zerber0s / mac_int

  View on GitHub
  macOS Artifact Intelligence Tool
  ☆13Apr 30, 2019Updated 6 years ago
• ArsenalRecon / SdbaParser

  View on GitHub
  Parser for Sdba memory pool tags
  ☆21Jul 16, 2021Updated 4 years ago
• cclgroupltd / chrome-profile-view

  View on GitHub
  Python web app for previewing data in a Chrome Profile Folder
  ☆23Jul 1, 2024Updated last year
• kacos2000 / Win10LiveInfo

  View on GitHub
  Windows 10 Live Information viewer
  ☆38Jan 27, 2022Updated 4 years ago
• gmagklaras / POFR

  View on GitHub
  Penguin OS Forensic (or Flight) Recorder
  ☆40Dec 25, 2024Updated last year
• forensicxlab / volatility3_plugins

  View on GitHub
  ☆25Jul 23, 2024Updated last year
• analyzeDFIR / analyzePF

  View on GitHub
  Tool for analysis of Windows Prefetch files
  ☆26Nov 11, 2018Updated 7 years ago
• forensicmatt / libtsk-rs

  View on GitHub
  Wrapper for TSK (Sleuth Kit) Bindings
  ☆12Jan 10, 2023Updated 3 years ago
• bsi-group / autorun-logger-server

  View on GitHub
  Server for receiving autorun data from the clients
  ☆13Sep 26, 2017Updated 8 years ago
• Jaded-Encoding-Thaumaturgy / vs-kernels

  View on GitHub
  Kernel objects for scaling and format conversion within VapourSynth
  ☆12Nov 5, 2025Updated 3 months ago
• ydkhatri / spotlight_queries

  View on GitHub
  Queries for parsed spotlight database in sqlite
  ☆13Dec 29, 2020Updated 5 years ago
• Hexastrike / EventWhisper

  View on GitHub
  A Windows Event Log MCP
  ☆40Aug 25, 2025Updated 6 months ago
• ORCID / public-data-sync

  View on GitHub
  Simple python script that allows member to get the public data dump on demand
  ☆19Jul 7, 2025Updated 7 months ago
• ydkhatri / Presentations

  View on GitHub
  Slides and material from my conference presentations
  ☆16Mar 30, 2024Updated last year
• LETHAL-FORENSICS / macos-collector

  View on GitHub
  macos-collector - Automated Collection of macOS Forensic Artifacts for DFIR
  ☆29Jan 29, 2026Updated last month
• LincolnLandForensics / HodgePodge

  View on GitHub
  /ˈhäjˌpäj/ "a confused mixture."
  ☆13Feb 21, 2026Updated last week
• PeterTheobald / android-sms2csv

  View on GitHub
  android-sms2csv.py extract SMS messages from Android backup files
  ☆13Jun 19, 2020Updated 5 years ago
• antman1p / JXA_Proc_Tree

  View on GitHub
  A JXA script for enumerating running processes, printed out in a json, parent-child tree.
  ☆14Jan 28, 2022Updated 4 years ago
• libyal / reviveit

  View on GitHub
  ReviveIT (revit) is a proof of concept file recovery tool (carver)
  ☆13Dec 3, 2020Updated 5 years ago
• Houwenda / FSEventsParser-rs

  View on GitHub
  Yet another fseventsd parser for macOS forensics
  ☆12Jul 20, 2024Updated last year
• dfirlabs / ntfs-specimens

  View on GitHub
  NTFS file system specimens
  ☆13Jul 3, 2023Updated 2 years ago
• ydkhatri / Appx-Analysis

  View on GitHub
  Scripts and tools created for appx analysis talk (Magnet summit 2019)
  ☆19Feb 26, 2024Updated 2 years ago
• Lazza / SourceRestorer

  View on GitHub
  Recover lost code from SOURCEdefender encrypted files
  ☆13Aug 25, 2025Updated 6 months ago
• n0fate / walitean

  View on GitHub
  ☆35Aug 4, 2018Updated 7 years ago
• 4n6ist / mssql_4n6

  View on GitHub
  Parsers for .mdf file of Microsoft SQL Server (MSSQL)
  ☆15Mar 28, 2020Updated 5 years ago
• ArsenalRecon / BackstageParser

  View on GitHub
  Backstage Parser
  ☆33Jun 23, 2022Updated 3 years ago
• JPCERTCC / etw-scan

  View on GitHub
  ETW forensic tool for Volatility3 plugin
  ☆17Nov 15, 2024Updated last year
• 5ha0 / fortools

  View on GitHub
  ☆14Dec 24, 2019Updated 6 years ago
• g-les / floss2yar

  View on GitHub
  ☆15Sep 26, 2022Updated 3 years ago
• 0xHasanM / Autopsy-Registry-Explorer

  View on GitHub
  Autopsy Module to analyze Registry Hives
  ☆16Feb 18, 2022Updated 4 years ago
• harelsegev / INDXRipper

  View on GitHub
  Carve file metadata from NTFS index ($I30) attributes
  ☆71Feb 3, 2024Updated 2 years ago
• google / dfindexeddb

  View on GitHub
  ☆46Feb 20, 2026Updated last week
• jschicht / LogFileParser

  View on GitHub
  Parser for $LogFile on NTFS
  ☆215Jun 1, 2025Updated 9 months ago
• williballenthin / wevt_template

  View on GitHub
  extract and parse WEVT_TEMPLATEs from PE files
  ☆18Dec 30, 2023Updated 2 years ago