1
I Use This!
Inactive
Analyzed 1 day ago. based on code collected 1 day ago.

Project Summary

VFAE is windows based tool written in C++ that extracts files with a known location from VMDK images running the Windows operating system. The tool utilizes the VDDK (Virtual Disk Development Kit) API for the heavy lifting such as mounting, opening, and reading the VMDK selected. When vfae.exe is executed, it copies out files from an off-line VMDK file. The application allows the user to conduct a quick triage of the Windows directory structure by outputing the results to a specific output file (vfae_output_.txt. Additionally, it conducts a MD5 hash value of the VMDK itself if needed. For specific file searching purposes, it searches for any filetype within the off-line VMDK based on a passed in argument via the command-line. Furthermore, you can extract those file that were fou

Tags

c++ commandline forensics

In a Nutshell, Virtual Forensic Artifact Extractor...

Quick Reference

GNU General Public License v3.0 only
Permitted

Commercial Use

Modify

Distribute

Place Warranty

Use Patent Claims

Forbidden

Sub-License

Hold Liable

Required

Distribute Original

Disclose Source

Include Copyright

State Changes

Include License

Include Install Instructions

These details are provided for information only. No information here is legal advice and should not be used as such.

This Project has No vulnerabilities Reported Against it

Did You Know...

  • ...
    nearly 1 in 3 companies have no process for identifying, tracking, or remediating known open source vulnerabilities
  • ...
    you can embed statistics from Open Hub on your site
  • ...
    in 2016, 47% of companies did not have formal process in place to track OS code
  • ...
    anyone with an Open Hub account can update a project's tags

Languages

C++
100%

30 Day Summary

Sep 9 2024 — Oct 9 2024

12 Month Summary

Oct 9 2023 — Oct 9 2024

Ratings

Be the first to rate this project
Click to add your rating
  
Review this Project!