MFTMactime is an MFT and USN Journal parser that extracts filesystem timelines directly in mactime format, dumps all files resident in the MFT into their original folder structure, and runs YARA rules over the dumped files. It is built on Omer BenAmram's MFT parsing libraries written in Rust, which make the process fast and efficient. The integrated USN Journal parser lets the combined MFT and USN data appear in a single timeline. Input can be individual files collected during a triage, a forensic image in RAW format, or a mixture of both. When the input is a RAW image, the artifacts are dumped into a directory of your choosing.
Common questions about MFTMactime, including features, pricing, alternatives, and user reviews.
MFTMactime is an MFT and USN parser for direct extraction in filesystem timeline format, with YARA rule support. It is a Security Operations tool designed to help security teams with triage and MFT analysis.
MFTMactime is a free Security Operations tool. This makes it accessible for organizations of all sizes, from startups to enterprises. Visit https://github.com/kero99/mftmactime/ for download and installation instructions.
Popular alternatives to MFTMactime can be compared at https://cybersectools.com/alternatives/mftmactime
MFTMactime is for security teams and organizations that need triage and MFT analysis capabilities. It is particularly suitable for small to medium-sized teams looking for cost-effective solutions. Other Security Operations tools can be found at https://cybersectools.com/categories/security-operations