analyzeMFT-2.0.19-1.fc25.x86_64.rpm


Advertisement

Description

analyzeMFT - analyzeMFT

Distribution: Fedora 25
Repository: CERT Forensics Tools x86_64
Package name: analyzeMFT
Package version: 2.0.19
Package release: 1.fc25
Package architecture: x86_64
Package type: rpm
Installed size: 85.82 KB
Download size: 33.81 KB
Official Mirror: forensics.cert.org
analyzeMFT.py is designed to fully parse the MFT file from an NTFS filesystem and present the results as accurately as possible in multiple formats.

Alternatives

Requires

Provides

  • analyzeMFT = 2.0.19-1.fc25
  • analyzeMFT(x86-64) = 2.0.19-1.fc25
  • python2.7dist(analyzemft) = 2.0.19
  • python2dist(analyzemft) = 2.0.19

    Install Howto

    1. Download cert-forensics-tools-release-25 rpm:
      https://forensics.cert.org/cert-forensics-tools-release-25.rpm
    2. Install cert-forensics-tools-release-25 rpm:
      # rpm -Uvh cert-forensics-tools-release*rpm
    3. Install analyzeMFT rpm package:
      # dnf --enablerepo=forensics install analyzeMFT

    Files

    • /usr/bin/analyzeMFT
    • /usr/bin/analyzeMFT.py
    • /usr/lib/python2.7/site-packages/analyzeMFT-2.0.19-py2.7.egg-info
    • /usr/lib/python2.7/site-packages/analyzemft/__init__.py
    • /usr/lib/python2.7/site-packages/analyzemft/__init__.pyc
    • /usr/lib/python2.7/site-packages/analyzemft/__init__.pyo
    • /usr/lib/python2.7/site-packages/analyzemft/bitparse.py
    • /usr/lib/python2.7/site-packages/analyzemft/bitparse.pyc
    • /usr/lib/python2.7/site-packages/analyzemft/bitparse.pyo
    • /usr/lib/python2.7/site-packages/analyzemft/mft.py
    • /usr/lib/python2.7/site-packages/analyzemft/mft.pyc
    • /usr/lib/python2.7/site-packages/analyzemft/mft.pyo
    • /usr/lib/python2.7/site-packages/analyzemft/mftsession.py
    • /usr/lib/python2.7/site-packages/analyzemft/mftsession.pyc
    • /usr/lib/python2.7/site-packages/analyzemft/mftsession.pyo
    • /usr/lib/python2.7/site-packages/analyzemft/mftutils.py
    • /usr/lib/python2.7/site-packages/analyzemft/mftutils.pyc
    • /usr/lib/python2.7/site-packages/analyzemft/mftutils.pyo

    Changelog

    2016-05-27 - Lawrence R. Rogers <lrr@cert.org> - 2.0.19-1 - Release 2.0.19 v2.0.19,05/27/2016 - (Contributed by lespea) - Properly deal with fncnt findings > 3 - Allow the user to use either windows or unix path seperators - General code cleanup

    2016-05-27 - Lawrence R. Rogers <lrr@cert.org> - 2.0.18-1 - Release 2.0.18 v2.0.18,05/24/2015 - Versioning hack

    2016-05-24 - Lawrence R. Rogers <lrr@cert.org> - 2.0.17-1 - Release 2.0.17 v2.0.17,05/23/2015 - Versioning hack

    2016-05-21 - Lawrence R. Rogers <lrr@cert.org> - 2.0.16-1 - Release 2.0.16 v2.0.16,05/21/2015 - Documentation fix and attribute fixes based on NTFS version with thanks to Joachim Metz

    2015-02-08 - Lawrence R. Rogers <lrr@cert.org> - 2.0.15-1 - Release 2.0.15 v2.0.15,02/08/2015 - fix 2's complement computation (Willi) - Added anomaly detection back in. Missing since V2.0.0 in the summer of 2013

    2014-10-24 - Lawrence R. Rogers <lrr@cert.org> - 2.0.14-1 - Release 2.0.14 v2.0.14,11/24/2014 - Fixing directory structure.

    2014-03-15 - Lawrence R. Rogers <lrr@cert.org> - 2.0.12-1 - Release 2.0.12 v2.0.12,03/15/2014 -- (Contributed by Brice) Added -e, --excel switch to print date/times in format that will cause Excel to import them properly.

    2013-10-04 - Lawrence R. Rogers <lrr@cert.org> - 2.0.11-1 - Release 2.0.11 Initial release to the CERT Linux Repository

    Advertisement
    Advertisement