all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Trying to parse MFT table entries using Python 3

Add to bookmarks
June 23, 2024, 7:12 p.m. | /u/Dry_Crazy_7570

Computer Forensics www.reddit.com

I have been working to parse out the MFT entries using the seek() and read() functions, but after locating the NTFS Volume Boot Block and finding the long long value which represents the location of the first entry of the table ("C00000" in little endian), I could find the first entry after adding in the offset the NTFS Volume Boot Block.

I loaded my image into FTKImager and navigated to my calculated location and was able to find the first …

block boot computerforensics entry find functions location mft ntfs python python 3 using value working

Visit resource

More from www.reddit.com / Computer Forensics

Old Belkasoft CTF Writeup 1 day, 3 hours ago | www.reddit.com
command command line command line tools computer +10
Video Forensics: Where to Start 2 days, 12 hours ago | www.reddit.com
area career computerforensics corporate +18
Best books for DFIR learning 2 days, 22 hours ago | www.reddit.com
analysis apt back books +13
Best Methods/formats to provide evidence for EDiscovery? 3 days, 7 hours ago | www.reddit.com
computerforensics data ediscovery evidence +10
Updated Volatility Foundation’s Memory Samples 3 days, 11 hours ago | www.reddit.com
can collection comments computerforensics +9
Trying to parse MFT table entries using Python 3 5 days, 11 hours ago | www.reddit.com
block boot computerforensics entry +10
Is LE Computer forensics as dark as they say? 5 days, 14 hours ago | www.reddit.com
bad cases computer computer forensics +12
How much malware analysis knowledge do DFIR consultants need to know? 5 days, 21 hours ago | www.reddit.com
analysis computerforensics consultants dfir +12
Trying to access Mac logs to see when a USB was last mounted. 6 days, 5 hours ago | www.reddit.com
access commands computerforensics drive +10

Jobs in InfoSec / Cybersecurity

Post a Job Search Talent

Senior Analyst, Corporate Security

@ Toast | Bengaluru, Karnataka, India
View on infosec-jobs.com

Senior Product Manager

@ Microsoft | Bengaluru, Karnataka, India
View on infosec-jobs.com

VP, Product Marketing

@ Proofpoint | Sunnyvale, CA
View on infosec-jobs.com

Senior Sales Engineer - NYC

@ Juniper Networks | New York City, United States
View on infosec-jobs.com

Sr. Analyst | Onsite, Bangalore.

@ Optiv | Bengaluru
View on infosec-jobs.com

Senior Data Analyst (ArcSight)

@ Capgemini | Washington, DC, District of Columbia, United States
View on infosec-jobs.com