thewhiteninja / ntfstool
Forensics tool for NTFS (parser, mft, bitlocker, deleted files)
☆530 Updated 2 years ago
Alternatives and similar repositories for ntfstool
Users that are interested in ntfstool are comparing it to the libraries listed below
- The multi-platform memory acquisition tool. ☆821 Updated last month
- PE-bear (builds only) ☆780 Updated 2 years ago
- Parses $MFT from NTFS file systems ☆255 Updated 3 months ago
- $MFT directory tree reconstruction & FILE record info ☆307 Updated 10 months ago
- View ETW Provider manifest ☆524 Updated 9 months ago
- Dynamic unpacker based on PE-sieve ☆746 Updated 2 months ago
- A wireshark plugin to instrument ETW ☆562 Updated 3 years ago
- MemProcFS-Analyzer - Automated Forensic Analysis of Windows Memory Dumps for DFIR ☆663 Updated 2 weeks ago
- Lnk Explorer Command line edition!! ☆317 Updated 7 months ago
- Prefetch Explorer Command Line ☆261 Updated 6 months ago
- Moneta is a live usermode memory analysis tool for Windows with the capability to detect malware IOCs ☆764 Updated last year
- Library and tools to access the Windows New Technology File System (NTFS) ☆214 Updated last year
- Event Tracing For Windows (ETW) Resources ☆393 Updated 10 months ago
- Living Off The Land Drivers ☆1,258 Updated this week
- A tool that shows detailed information about named pipes in Windows ☆688 Updated 8 months ago
- Windows registry file format specification ☆342 Updated 6 years ago
- A Pin Tool for tracing API calls etc ☆1,514 Updated last month
- Linker/Compiler/Tool detector for Windows, Linux and MacOS. ☆565 Updated this week
- Memory acquisition for Linux that makes sense. ☆201 Updated last year
- Arsenal Image Mounter mounts the contents of disk images as complete disks in Microsoft Windows. ☆629 Updated 3 weeks ago
- A PowerShell script that attempts to help malware analysts hide their VMware Windows VM's from malware that may be trying to evade analys… ☆375 Updated 6 months ago
- Windows Registry Knowledge Base ☆177 Updated 10 months ago
- A PowerShell script that attempts to help malware analysts hide their Windows VirtualBox Windows VM's from malware that may be trying to … ☆305 Updated last month
- An NTFS/FAT parser for digital forensics & incident response ☆206 Updated 9 months ago
- Process Monitor X v2 ☆625 Updated last year
- Windows System Explorer ☆862 Updated last year
- ☆501 Updated last year
- Regshot is a small, free and open-source registry compare utility that allows you to quickly take a snapshot of your registry and then co… ☆384 Updated 6 years ago
- RegRipper3.0 ☆628 Updated 7 months ago
- Encyclopedia for Executables ☆449 Updated 3 years ago