libfvde is a library to access FileVault Drive Encryption (FVDE) (or FileVault2) encrypted volumes. It supports various Mac OS X versions and encryption volume types, including removable media volumes and system volumes. The library provides access to encrypted data on a storage media volume. The project is still experimental and has some unsupported Core Storage format features, such as multiple physical volumes. It also has some planned features, including Dokan support and partial encrypted volumes. libfvde is licensed under LGPLv3+ and has a wiki with documentation and building instructions.
FEATURES
EXPLORE BY TAGS
SIMILAR TOOLS
An open source format for storing digital evidence and data, with a C/C++ library for creating, reading, and manipulating AFF4 images.
Exterro is a data risk management platform that optimizes e-discovery, digital forensics, and cybersecurity compliance operations.
A library for accessing and parsing Extensible Storage Engine (ESE) Database Files used by Microsoft applications like Windows Search, Exchange, and Active Directory for forensic analysis purposes.
A library to access the Windows New Technology File System (NTFS) format with read-only support for NTFS versions 3.0 and 3.1.
A library for accessing and parsing Microsoft Internet Explorer cache files (index.dat) to extract URLs, timestamps, and cached content for digital forensic analysis.
Free software for extracting Microsoft cabinet files, supporting all features and formats of Microsoft cabinet files and Windows CE installation files.
A PowerShell-based incident response and live forensic data acquisition tool for Windows hosts.
A library for read-only access to QEMU Copy-On-Write (QCOW) image files, supporting multiple versions and compression formats for digital forensics analysis.