MFT Parsers Review Logo

MFT Parsers Review

0
Free
Visit Website

The Master File Table (MFT) contains the information related to folders and files on an NTFS system. Many forensics tools parse the MFT to display the file and folder structure, making it a valuable resource for Incident Response to quickly review systems for Indicators of Compromise (IOCs) by analyzing the MFT file.

FEATURES

ALTERNATIVES

Python forensic tool for extracting and analyzing information from Firefox, Iceweasel, and Seamonkey browsers.

A software that collects forensic artifacts on systems for forensic investigations.

Stegextract is a Bash script that extracts hidden files and strings from images, supporting PNG, JPG, and GIF formats.

A collection of Mac OS X and iOS forensics resources with a focus on artifact collection and collaboration.

A library to access the Windows New Technology File System (NTFS) format with read-only support for NTFS versions 3.0 and 3.1.

A Windows Registry hive extraction library that reads and writes Windows Registry 'hive' binary files.

A repository containing material from a talk on sub-domain enumeration techniques

PowerForensics is a PowerShell digital forensics framework for hard drive forensic analysis.

PINNED