What is the pricing for MFT_Browser?

MFT_Browser is a free Security Operations tool. This makes it accessible for organizations of all sizes, from startups to enterprises. Visit https://github.com/kacos2000/MFT_Browser/ for download and installation instructions.

What are alternatives to MFT_Browser?

Popular alternatives to MFT_Browser include: 1. MFT Parsers Review - Review of various MFT parsers used in digital forensics for analyzing NTFS file systems. (Free) 2. NTFS-Linker - Tool for parsing NTFS journal files, $Logfile, and $MFT. (Free) 3. ElcomSoft Advanced EFS Data Recovery - Decrypts EFS-protected files on NTFS volumes across Windows versions. (Commercial) 4. libfsntfs - A library to access the Windows New Technology File System (NTFS) format with read-only support for NTFS versions 3.0 and 3.1. (Free) 5. MFTExtractor - A tool for parsing and extracting information from the Master File Table of NTFS file systems. (Free) Compare these tools and more at https://cybersectools.com/categories/security-operations

Who should use MFT_Browser?

MFT_Browser is for security teams and organizations that need NTFS, MFT. It's particularly suitable for small to medium-sized teams looking for cost-effective solutions. Other Security Operations tools can be found at https://cybersectools.com/categories/security-operations

MFT_Browser | CybersecTools

MFT_Browser

Recreates the File/Directory tree structure from an extracted $MFT file with detailed record mapping and analysis capabilities.

Free325

Visit Website

Compare

Free325

MFT_Browser

Recreates the File/Directory tree structure from an extracted $MFT file with detailed record mapping and analysis capabilities.

Visit Website

Data verified Apr 2026

Explore Security Operations 48 Alternatives Compare Stacks Market Map Explore All Tools

ADYour product here. Reach security decision-makers.Launch a campaign

MFT_Browser Description

Security Operations/Digital Forensics and Incident Response

Ntfs Mft

Recreates the File/Directory tree structure from an (extracted) $MFT file. Supports both 1024 & 4096 byte long records. Able to carve FILE records & recreate a Directory tree from a Raw Image (v.60+). Able to extract the $MFT & recreate the Directory tree from a mounted NTFS volume (Volume must have a drive letter) (v.60+). Latest Version: [Dependencies] .NET Framework 4.8, Powershell Version: 5.1. 'Node Properties' right-click option or Double-clicking on any file/directory entry gets the full MFT details for that record. Clicking on any detail of the record shows the source of the detail in the Hex view grid. All timestamps are in UTC. Standalone GUI Calc for Dataruns: => MFT_dataruns. Note: Recreating the directory tree from large MFT files might take a lot of time (possibly hour(s)), as it needs to map each child record to its parent node, and as the structure grows, the time needed grows exponentially. $MFT Structures (pdf), Using MFTbrowser (pdf), How to view a single record from a large MFT file (pdf), Reparse point examples (pdf), Small test $MFT files to play with can be found on the provided links.

MFT_Browser Description

Security Operations/Digital Forensics and Incident Response

Ntfs Mft

MFT_Browser FAQ

Common questions about MFT_Browser including features, pricing, alternatives, and user reviews.

MFT_Browser is Recreates the File/Directory tree structure from an extracted $MFT file with detailed record mapping and analysis capabilities. It is a Security Operations solution designed to help security teams with NTFS, MFT.

Have more questions? Browse our categories or search for specific tools.

MFT_Browser

MFT_Browser

MFT_Browser Description

MFT_Browser Description

MFT_Browser FAQ

FEATURED

ALTERNATIVES

POPULAR

TRENDING CATEGORIES

FEATURED

ALTERNATIVES

POPULAR

TRENDING CATEGORIES