Pinned Repositories
articles
Various files linked to my articles, posts, etc.
dfir_ntfs
An NTFS/FAT parser for digital forensics & incident response
grub-unlzma
Locate and extract a compressed core image within a bootable image of GRUB
Linux-write-blocker
The kernel patch and userspace tools to enable Linux software write blocking
ntfs-samples
NTFS samples
regf
Windows registry file format specification
regf-samples
Windows registry samples
registry-miner
Registry Miner
winmem_decompress
Extract compressed memory pages from page-aligned data
yarp
Yet another registry parser
msuhanov's Repositories
msuhanov/regf
Windows registry file format specification
msuhanov/dfir_ntfs
An NTFS/FAT parser for digital forensics & incident response
msuhanov/Linux-write-blocker
The kernel patch and userspace tools to enable Linux software write blocking
msuhanov/yarp
Yet another registry parser
msuhanov/winmem_decompress
Extract compressed memory pages from page-aligned data
msuhanov/ntfs-samples
NTFS samples
msuhanov/regf-samples
Windows registry samples
msuhanov/registry-miner
Registry Miner
msuhanov/grub-unlzma
Locate and extract a compressed core image within a bootable image of GRUB
msuhanov/articles
Various files linked to my articles, posts, etc.
msuhanov/grub-raiddump
The GRUB command to acquire the contents of a fake RAID
msuhanov/sleuthkit
The Sleuth Kitยฎ (TSK) is a library and collection of command line digital forensics tools that allow you to investigate volume and file system data. The library can be incorporated into larger digital forensics tools and the command line tools can be directly used to find evidence.
msuhanov/winbootpath
Boot path verification for Windows on read-only media
msuhanov/autopsy-2.24-patch
The patch for Autopsy 2.24 to fix issues with TSK 4.1.3
msuhanov/dosfstools
dosfstools consists of the programs mkfs.fat, fsck.fat and fatlabel to create, check and label file systems of the FAT family.
msuhanov/ntfs-3g
NTFS-3G Safe Read/Write NTFS Driver