Tag Archives: NTFS

January 18, 2020   No comments

USN Analytics -Tool to Analyze USN Journal

USN Analytics is a tool that specializes in USN Journal ($UsnJrnl:$J) analysis. USN journal is an internal system list of the NTFS file system

Read More
December 14, 2019   No comments

JP- TZWorks Windows Journal Parser

JP is a command line tool that targets NTFS change log journals. The change journal is a component of NTFS that will, when enabled

Read More
October 14, 2019   No comments

Autopsy – Digital Forensic Program and Sleuth Kit GUI

Autopsy is a digital forensics platform and graphical interface to The Sleuth Kit and other digital forensics tools. It is used by law enforcement, military

Read More
August 29, 2019   No comments

NTFS Log Tracker – Tool to Parse NTFS Logs

NTFS Log Tracker is a tool that can parse $LogFile, $UsnJrnl of NTFS.A input of this tool is sample file extracted by another tool like Encase, Winhex.

Read More
January 24, 2019   No comments

NTFS Journal Viewer – Tool to Investigate NTFS Changes

NTFS Journal Viewer (JV) is a portable tool that extracts and parses the NTFS change journal ($UsnJrnl) file. The change journal is a file that records when changes are made to files and directories and therefore can provide a wealth

Read More
January 3, 2019   No comments

AlternateStreamView – Tool to Investigate ADS File System

AlternateStreamView is a small utility that allows you to scan your NTFS drive, and find all hidden alternate streams stored in the file system.

Read More
December 18, 2018   No comments

RecuperaBit – Tool for Forensic File Reconstruction

RecuperaBit is a software which attempts to reconstruct file system structures and recover files.

Read More
« Older posts