File Extraction

A command line utility for managing volume shadow copies with capabilities for evasion, persistence, and file extraction.

A network forensics tool for visualizing packet captures as network diagrams with detailed analysis.

Free software for extracting Microsoft cabinet files, supporting all features and formats of Microsoft cabinet files and Windows CE installation files.

A tool for parsing and extracting information from the Master File Table of NTFS file systems.

Binwalk is a firmware analysis tool that enables reverse engineering and extraction of embedded file systems and archives from firmware images.

A reverse engineering tool that extracts and organizes Samsung ODIN3 protocol messages from USB packet captures into human-readable files.

Extract local data storage of an Android application in one click.

A high-performance digital forensics exploitation tool for extracting structured information from various inputs without parsing file system structures.

A script for extracting common Windows artifacts from source images and VSCs with detailed dependencies and usage instructions.

A library for accessing and parsing OLE 2 Compound File (OLECF) format files, including Microsoft Office documents and thumbs.db files.

Web interface for the Volatility Memory Analysis framework with advanced features.

pcapfex is a forensic tool that extracts files from packet capture data by analyzing network traffic and identifying embedded file content.

Stegextract is a Bash script that extracts hidden files and strings from images, supporting PNG, JPG, and GIF formats.

yextend extends Yara's functionality by automatically handling archived and compressed content inflation, enabling pattern matching on files buried within multiple layers of archives.

A DFVFS backed viewer project with a WxPython GUI, aiming to enhance file extraction and viewing capabilities.