MFTMactime
0 (0)
MFT and USN parser for direct extraction in filesystem timeline format with YARA rule support.
This project provides documentation accompanying Digital Forensics Artifact Repository. Scripts and Digital Forensics Artifact knowledge base (artifactsrc) are intended to help maintain the knowledge base. If you want to contribute a description of an artifact definition, please use the Template. The goal is to describe artifacts, not to provide a repository of tools. Contact forensicartifacts@googlegroups.com for more information.
MFT and USN parser for direct extraction in filesystem timeline format with YARA rule support.
Open source digital forensics tools for analyzing disk images and recovering files.
A command-line tool for searching and extracting strings from files with various options like ASCII and Unicode string search.
A digital investigation platform for parsing, searching, and visualizing evidences with advanced analytics capabilities.
Tool for analyzing Windows Recycle Bin INFO2 file
A reliable end-to-end DFIR solution for boosting cyber incident response and forensics capacity.
