
shujianyang / btrForensics

Licence: MIT license
Forensic Analysis Tool for Btrfs File System.


btrForensics

Forensic Analysis Tool for Btrfs File System.

Platform:

Linux

Prerequisite:

Install the Sleuth Kit library --> Link

Build:

mkdir build

cd build

cmake ..

make

Input File:

Raw image which contains a btrfs partition, or a partition device file with btrfs.

Usage:

btrfrsc [-o offset1,offset2,offset3...] image 

-o offset: Offset to the beginning of the partition (in sectors). May have multiple values if the pool is made up of multiple partitions (devices).
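
One way to sanity-check a candidate -o value before running the tool, as an added example that is not part of btrForensics: it looks for the primary Btrfs superblock 64 KiB past the given sector offset and reads the pool's device count, which indicates how many offsets the pool needs. The 512-byte sector size, the function names and the in-memory sample image are assumptions made for this illustration.

```cpp
// Added example, not btrForensics code. Assumes -o counts 512-byte sectors.
#include <cstdint>
#include <cstdio>
#include <cstring>
#include <vector>
constexpr uint64_t kSector = 512;        // assumed unit of the -o option
constexpr uint64_t kSuperOff = 0x10000;  // primary superblock: 64 KiB into the device
constexpr char kMagic[] = "_BHRfS_M";    // 8-byte magic at superblock offset 0x40

struct SuperInfo {
    uint64_t bytenr;       // superblock's own address; 0x10000 for the primary copy
    uint64_t num_devices;  // devices in the pool, so how many -o values to expect
    uint32_t nodesize;
};

static uint64_t le(const uint8_t* p, int n) {  // little-endian read, n <= 8
    uint64_t v = 0;
    for (int i = n - 1; i >= 0; --i) v = (v << 8) | p[i];
    return v;
}

// True if a primary Btrfs superblock sits 64 KiB past the given sector offset.
bool probe(const std::vector<uint8_t>& img, uint64_t sector, SuperInfo* out) {
    const uint64_t need = kSuperOff + 0x98;  // bytes read past the partition start
    if (img.size() < need || sector > (img.size() - need) / kSector) return false;
    const uint8_t* p = img.data() + sector * kSector + kSuperOff;
    if (std::memcmp(p + 0x40, kMagic, 8) != 0) return false;
    SuperInfo s{le(p + 0x30, 8), le(p + 0x88, 8), (uint32_t)le(p + 0x94, 4)};
    if (s.bytenr != kSuperOff) return false;  // mirror copy or wrong partition start
    *out = s;
    return true;
}

// Constructed sample: zeroed image with a minimal superblock for a partition at sector 2048.
std::vector<uint8_t> make_sample() {
    std::vector<uint8_t> img(2048 * kSector + kSuperOff + 4096);
    uint8_t* p = img.data() + 2048 * kSector + kSuperOff;
    std::memcpy(p + 0x40, kMagic, 8);
    p[0x32] = 0x01; p[0x88] = 2;  // bytenr = 0x10000, num_devices = 2
    p[0x95] = 0x40;               // nodesize = 16384
    return img;
}

int main() {
    std::vector<uint8_t> img = make_sample();
    SuperInfo si{};
    for (uint64_t s : {uint64_t{0}, uint64_t{2048}})
        std::printf("-o %llu: %s\n", (unsigned long long)s, probe(img, s, &si) ? "btrfs" : "none");
}
```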

Current Capabilities:

  1. Browse nodes derived from root tree and print information.
  2. Browse nodes in filesystem tree and print information.
  3. List all files in default filesystem tree.
  4. Explore files and subdirectories in default root directory.
  5. Switch to a subvolume or snapshot and explore files within.
  6. Read a file from image and save to current directory.

Tools

Some stand-alone programs are built in the Tools/ folder.

Most of them simulate the functions of tools in The Sleuth Kit.

Current list:

Tools/fsstat: Print information about the file system.
Tools/fls: List files and/or directories in a Btrfs partition image.
Tools/istat: Print information about an inode.
Tools/icat: Output the contents of the file with the provided inode number in Btrfs.
Tools/subls: List subvolumes and snapshots in a Btrfs image.

Note:

A reference for the Btrfs structure can be found in the btrfs Wiki.

Btrfs on-disk format: Link

License:

This software uses the MIT License.

The Sleuth Kit library is employed.

You can find the Sleuth Kit at sleuthkit/sleuthkit
