thewhiteninja / ntfstool
Forensics tool for NTFS (parser, mft, bitlocker, deleted files)
☆523 · Updated last year
Alternatives and similar repositories for ntfstool
Users that are interested in ntfstool are comparing it to the libraries listed below
- The multi-platform memory acquisition tool. ☆802 · Updated last week
- Dynamic unpacker based on PE-sieve ☆736 · Updated last month
- Library and tools to access the Windows New Technology File System (NTFS) ☆210 · Updated 11 months ago
- An index of Windows binaries, including download links for executables such as exe, dll and sys files ☆668 · Updated this week
- PE-bear (builds only) ☆779 · Updated 2 years ago
- MemProcFS-Analyzer - Automated Forensic Analysis of Windows Memory Dumps for DFIR ☆635 · Updated this week
- Moneta is a live usermode memory analysis tool for Windows with the capability to detect malware IOCs ☆755 · Updated last year
- A wireshark plugin to instrument ETW ☆560 · Updated 3 years ago
- Arsenal Image Mounter mounts the contents of disk images as complete disks in Microsoft Windows. ☆614 · Updated last week
- View ETW Provider manifest ☆498 · Updated 7 months ago
- Windows System Explorer ☆854 · Updated last year
- A DTrace on Windows Reimplementation ☆348 · Updated 4 months ago
- Windows kernel and user mode emulation. ☆1,671 · Updated 2 months ago
- Parses $MFT from NTFS file systems ☆248 · Updated last month
- An NTFS/FAT parser for digital forensics & incident response ☆204 · Updated 7 months ago
- Parser for $LogFile on NTFS ☆196 · Updated 3 weeks ago
- A Pin Tool for tracing API calls etc ☆1,477 · Updated 2 weeks ago
- Linker/Compiler/Tool detector for Windows, Linux and MacOS. ☆555 · Updated this week
- RpcView is a free tool to explore and decompile Microsoft RPC interfaces ☆983 · Updated last year
- PEiD detects most common packers, cryptors and compilers for PE files. ☆295 · Updated 8 years ago
- RPC Monitor tool based on Event Tracing for Windows ☆357 · Updated 10 months ago
- $MFT directory tree reconstruction & FILE record info ☆306 · Updated 8 months ago
- Event Tracing For Windows (ETW) Resources ☆389 · Updated 8 months ago
- Process Monitor X v2 ☆616 · Updated last year
- Converts an EXE into DLL ☆1,326 · Updated last month
- Some of my publicly available Malware analysis and Reverse engineering. ☆814 · Updated last year
- A tool that shows detailed information about named pipes in Windows ☆677 · Updated 7 months ago
- strings2: An improved strings extraction tool. ☆331 · Updated 3 years ago
- Useful scripts for WinDbg using the debugger data model ☆414 · Updated last year
- Windows registry file format specification ☆339 · Updated 6 years ago