MFT Parsers Review | CyberSecTools

MFT Parsers Review

0 (0)

The Master File Table (MFT) contains the information related to folders and files on an NTFS system. Many forensics tools parse the MFT to display the file and folder structure, making it a valuable resource for Incident Response to quickly review systems for Indicators of Compromise (IOCs) by analyzing the MFT file.

Digital Forensics

Free

forensics incident-response mft ntfs file-system incident-response-tool

ALTERNATIVES

usbrip

0 (0)

A forensics tool for tracking USB device artifacts on Linux machines.

Digital Forensics

Free

command-line-tool forensics linux log-analysis file-analysis usb

Radare2

0 (0)

A powerful reverse engineering framework

Digital Forensics

Free

forensics reverse-engineering security binary-analysis debugging

libqcow

0 (0)

A library to access and read QEMU Copy-On-Write (QCOW) image file formats with support for zlib compression and AES-CBC encryption.

Digital Forensics

Free

binary-security file-analysis hex-dump file-patching binary-conversion

PcapXray

0 (0)

A network forensics tool for visualizing packet captures as network diagrams with detailed analysis.

Digital Forensics

Free

file-extraction packet-capture

Rizin

0 (0)

A reverse engineering framework with a focus on usability and code cleanliness

Digital Forensics

Free

go python reverse-engineering ruby binary-analysis forensic-tool debugging rust disassembly scripting

ssm-acquire

0 (0)

A python module for orchestrating content acquisitions and analysis via Amazon SSM.

Digital Forensics

Free

aws docker memory-analysis ssm osquery