Involved Projects and Packages
This project contains forensic tools and libraries.
libbde is a library and tools to access the BitLocker Drive Encryption (BDE) format. The BDE format is used by Windows, as of Vista, to encrypt data on a storage media volume.
Supported BDE formats:
BitLocker Windows Vista
BitLocker Windows 7
BitLocker Windows 8 (Consumer Preview)
BitLocker To Go
Supported protection methods:
clear key
password
recovery password
start-up key
FVEK and/or TWEAK key data
Additional features:
support for partially encrypted volumes
zeros out the BDE metadata, matches behavior seen on Windows
Work in progress:
Dokan library support
Multi-threading support
libcaes is a library for cross-platform AES encryption.
A library for cross-platform C generic data functions.
Library for cross-platform C date and time functions.
Part of the libyal library family.
A library for cross-platform C error functions.
A member of the libyal library collection.
A library for cross-platform C file functions.
A library for cross-platform C locale functions.
A library for cross-platform C notify functions.
A library for cross-platform C path functions.
A library for cross-platform C split string functions.
libcthreads is part of the libyal family of C libraries. libyal is primarily used by digital forensic applications.
Library and tools to access the Extensible Storage Engine (ESE) Database File (EDB) format. ESEDB is used in many different applications like Windows Search, Windows Mail, Exchange, Active Directory, etc.
Library to access the Windows Event Log (EVT) format.
For the Windows XML Event Log (EVTX) format see: libevtx
Library and tooling to access the Windows XML Event Log (EVTX) format. For the Windows pre-XML Event Log (EVT) format see: libevt
libewf is a library for support of the Expert Witness Compression Format (EWF). libewf allows you to read media information of EWF files in the SMART (EWF-S01) format and the EnCase (EWF-E01) format. libewf can read files created by EnCase 1 to 6, linen and FTK Imager.
Library to provide generic file data cache functions for the libyal family of libraries.
Library to provide generic file data functions for the libyal family of libraries.
A library for date and time data types.
A library for GUID/UUID data types.
- 1 commit in security:forensics / libcreg
- 1 commit in hardware / bluetui