libfsntfs is a library to access the Windows New Technology File System (NTFS) format. It supports read-only access to NTFS versions 3.0 and 3.1, with features like LZNT1 compression, Windows Overlay Filter (WOF) compressed data, and case sensitive directories. The library is licensed under LGPLv3+ and is currently in an experimental status. For more information, see the project documentation and building instructions on the GitHub wiki.
FEATURES
EXPLORE BY TAGS
SIMILAR TOOLS
A library for accessing and parsing Extensible Storage Engine (ESE) Database Files used by Microsoft applications like Windows Search, Exchange, and Active Directory for forensic analysis purposes.
A digital artifact extraction framework for extracting data from volatile memory (RAM) samples, providing visibility into the runtime state of a system.
A library to access and parse Windows XML Event Log (EVTX) format, useful for digital forensics and incident response.
An open source format for storing digital evidence and data, with a C/C++ library for creating, reading, and manipulating AFF4 images.
A command-line tool for creating hex dumps, converting between binary and human-readable representations, and patching binary files.
A library and set of tools for accessing and analyzing storage media devices and partitions for forensic analysis and investigation.
TestDisk is a free data recovery software that can recover lost partitions and undelete files from various file systems.
A library for accessing and parsing Microsoft Internet Explorer cache files (index.dat) to extract URLs, timestamps, and cached content for digital forensic analysis.
A library to access FileVault Drive Encryption (FVDE) encrypted volumes on Mac OS X systems.
PINNED

Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.