File System
Explore 24 curated tools and resources
Search tools and resources by name, description, or purpose... (⌘+K)
PINNED
ImmuniWeb Discovery is an attack surface management platform that continuously monitors an organization's external digital assets for security vulnerabilities, misconfigurations, and threats across domains, applications, cloud resources, and the dark web.
ImmuniWeb Discovery is an attack surface management platform that continuously monitors an organization's external digital assets for security vulnerabilities, misconfigurations, and threats across domains, applications, cloud resources, and the dark web.
An AI-powered career platform that automates the creation of cybersecurity job application materials and provides company-specific insights for job seekers.
An AI-powered career platform that automates the creation of cybersecurity job application materials and provides company-specific insights for job seekers.
A weekly newsletter providing cybersecurity leadership insights, industry updates, and strategic guidance for security professionals advancing to management positions.
A weekly newsletter providing cybersecurity leadership insights, industry updates, and strategic guidance for security professionals advancing to management positions.
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
A cloud-native web application and API security solution that uses contextual AI to protect against known and zero-day threats without signature-based detection.
A cloud-native web application and API security solution that uses contextual AI to protect against known and zero-day threats without signature-based detection.
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.
LATEST ADDITIONS
An LLM-based honeypot file system creator that generates realistic file systems and configurations to lure attackers and improve analyst engagement.
A tool for parsing and extracting information from the Master File Table of NTFS file systems.
A tool for parsing and extracting information from the Master File Table of NTFS file systems.
A free, open-source file data recovery software that can recover lost files from hard disks, CD-ROMs, and digital camera memory.
A free, open-source file data recovery software that can recover lost files from hard disks, CD-ROMs, and digital camera memory.
A utility for recovering deleted files from ext3 or ext4 partitions.
A utility for recovering deleted files from ext3 or ext4 partitions.
A library and tools to access and analyze APFS file systems
A high-performance digital forensics exploitation tool for extracting structured information from various inputs without parsing file system structures.
A high-performance digital forensics exploitation tool for extracting structured information from various inputs without parsing file system structures.
Utilizing Alternate Data Streams (ADS) to bypass AppLocker default policies by loading DLL/CPL binaries.
Utilizing Alternate Data Streams (ADS) to bypass AppLocker default policies by loading DLL/CPL binaries.
An open source digital forensic tool for processing and analyzing digital evidence with high performance and multiplatform support.
An open source digital forensic tool for processing and analyzing digital evidence with high performance and multiplatform support.
Review of various MFT parsers used in digital forensics for analyzing NTFS file systems.
Review of various MFT parsers used in digital forensics for analyzing NTFS file systems.
A demonstration of a method to delete a locked executable or currently running file from disk.
A demonstration of a method to delete a locked executable or currently running file from disk.
TestDisk is a free data recovery software that can recover lost partitions and undelete files from various file systems.
TestDisk is a free data recovery software that can recover lost partitions and undelete files from various file systems.
A digital forensics tool that provides read-only access to file-system objects from various storage media types and file formats.
A digital forensics tool that provides read-only access to file-system objects from various storage media types and file formats.
A steganographic file system in userspace for plausible deniability of files.
A steganographic file system in userspace for plausible deniability of files.
CyLR is a Live Response Collection tool for quickly and securely collecting forensic artifacts from hosts with NTFS file systems.
CyLR is a Live Response Collection tool for quickly and securely collecting forensic artifacts from hosts with NTFS file systems.
Open source Python library for NTFS analysis
A library to access FileVault Drive Encryption (FVDE) encrypted volumes on Mac OS X systems.
A library to access FileVault Drive Encryption (FVDE) encrypted volumes on Mac OS X systems.
A Mac OS X forensic utility for ensuring correct forensic procedures during disk imaging.
A Mac OS X forensic utility for ensuring correct forensic procedures during disk imaging.
TestDisk checks disk partitions and recovers lost partitions, while PhotoRec specializes in recovering lost pictures from digital camera memory or hard disks.
TestDisk checks disk partitions and recovers lost partitions, while PhotoRec specializes in recovering lost pictures from digital camera memory or hard disks.
MFT and USN parser for direct extraction in filesystem timeline format with YARA rule support.
MFT and USN parser for direct extraction in filesystem timeline format with YARA rule support.
A library to access the Windows New Technology File System (NTFS) format with read-only support for NTFS versions 3.0 and 3.1.
A library to access the Windows New Technology File System (NTFS) format with read-only support for NTFS versions 3.0 and 3.1.
GVfs is a userspace virtual filesystem implementation for GIO with various backends and features.
GVfs is a userspace virtual filesystem implementation for GIO with various backends and features.
APFS is a proprietary file system developed by Apple for macOS, offering improved performance, security, and reliability.
APFS is a proprietary file system developed by Apple for macOS, offering improved performance, security, and reliability.
A free, fast, and flexible multi-platform IOC and YARA scanner for Windows, Linux, and macOS.
View physical memory as files in a virtual file system for easy memory analysis and artifact access.
View physical memory as files in a virtual file system for easy memory analysis and artifact access.
