libfvde Logo

libfvde

0
Free
Visit Website

libfvde is a library to access FileVault Drive Encryption (FVDE) (or FileVault2) encrypted volumes. It supports various Mac OS X versions and encryption volume types, including removable media volumes and system volumes. The library provides access to encrypted data on a storage media volume. The project is still experimental and has some unsupported Core Storage format features, such as multiple physical volumes. It also has some planned features, including Dokan support and partial encrypted volumes. libfvde is licensed under LGPLv3+ and has a wiki with documentation and building instructions.

FEATURES

ALTERNATIVES

Powerful tool for searching and hunting through Windows forensic artefacts with support for Sigma detection rules and custom Chainsaw detection rules.

A Python 2.x tool for memory analysis on Mac OS X systems with support for various OS versions and memory image export capabilities.

An anti-forensic Linux Kernel Module kill-switch for USB ports.

Belkasoft offers cybersecurity solutions, training, and tools for businesses, law enforcement, and academia.

A console program for file recovery through data carving.

Digital investigation tool for extracting forensic data from computers and managing investigations.

A tool that uses graph theory to reveal hidden relationships and attack paths in an Active Directory environment.

A tool for collecting and analyzing screenshots from remote desktop protocols, web applications, and VNC connections.

PINNED