imagemounter
imagemounter is a command-line utility and Python package to ease the mounting and unmounting of EnCase, Affuse, vmdk and dd disk images (and other formats supported by supported tools). It supports mounting disk images using xmount (with optional RW cache), affuse, ewfmount and vmware-mount; detecting DOS, BSD, Sun, Mac and GPT volume systems; mounting FAT, Ext, XFS UFS, HFS+, LUKS and NTFS volumes, in addition to some less known filesystems; detecting (nested) LVM volume systems and mounting its subvolumes; and reconstructing Linux Software RAID arrays. In its default mode, imagemounter will try to start mounting the base image on a temporary mount point, detect the volume system and then mount each volume seperately. If it fails finding a volume system, it will try to mount the entire image as a whole if it succeeds in detecting what it actually is. This package supports Python 3.6+. Example A very basic example of a valid mount is as follows. The command-line utility has much more features, but results vary wildly depending on the exact type of disk you are trying to mount: # imount lvm_containing_dos_volumesystem_containing_ext4
FEATURES
ALTERNATIVES
GUI-based memory forensic capture tool for cyber forensics and cyber crime investigation.
MalConfScan is a Volatility plugin for extracting configuration data of known malware and analyzing memory images.
A modified version of GNU dd with added features like hashing and fast disk wiping.
Open source digital forensics tools for analyzing disk images and recovering files.
A tool for creating compact Linux memory dumps compatible with popular debugging tools.
A high-performance digital forensics exploitation tool for extracting structured information from various inputs without parsing file system structures.
A library to access and read QEMU Copy-On-Write (QCOW) image file formats with support for zlib compression and AES-CBC encryption.
PINNED
Mandos Brief Newsletter
A weekly newsletter providing cybersecurity leadership insights, industry updates, and strategic guidance for security professionals advancing to management positions.
OSINTLeak
OSINTLeak is a tool for discovering and analyzing leaked sensitive information across various online sources to identify potential security risks.
ImmuniWeb® Discovery
ImmuniWeb Discovery is an attack surface management platform that continuously monitors an organization's external digital assets for security vulnerabilities, misconfigurations, and threats across domains, applications, cloud resources, and the dark web.
Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.