libfvde Logo

libfvde

0
Free
Visit Website

libfvde is a library to access FileVault Drive Encryption (FVDE) (or FileVault2) encrypted volumes. It supports various Mac OS X versions and encryption volume types, including removable media volumes and system volumes. The library provides access to encrypted data on a storage media volume. The project is still experimental and has some unsupported Core Storage format features, such as multiple physical volumes. It also has some planned features, including Dokan support and partial encrypted volumes. libfvde is licensed under LGPLv3+ and has a wiki with documentation and building instructions.

FEATURES

ALTERNATIVES

RegRippy is a modern Python 3 alternative to RegRipper for extracting data from Windows registry hives.

Python tool for remotely or locally dumping RAM of a Linux client for digital forensics analysis.

Python tool for remote memory acquisition

A library to access and parse Windows XML Event Log (EVTX) format, useful for digital forensics and incident response.

A library and tools to access and manipulate VMware Virtual Disk (VMDK) files.

A collection of tools for extracting and analyzing information from .git repositories

A library to access the Extensible Storage Engine (ESE) Database File (EDB) format used in various Windows applications.

A tool for parsing and extracting information from the Master File Table of NTFS file systems.

PINNED