mftriage

MftTriage is a tool for triaging Master File Table (MFT) records from NTFS file systems, enabling information security professionals to prioritize forensic investigation effectively based on file metadata and activity.

More about this tool
Emoji icon 2728.svg

1. Download and install MftTriage as part of the LinuxIR toolset from the GitHub repository. 2. Launch MftTriage and specify the NTFS disk image file for MFT record triage. 3. Run MftTriage to triage MFT records from the file system. 4. Analyze the triaged MFT records to prioritize forensic investigation based on file metadata and activity effectively in forensic examinations or incident response activities.

Join Our Community

Stay ahead with the latest resource in cybersecurity.

Error. Your form has not been submittedEmoji
This is what the server says:
There must be an @ at the beginning.
I will retry
Reply

Frequently Asked Questions

Got questions? We've got answers.

Submission Successful

The form has been successfully submitted.

Please fill the form below

We will contact you by the email

Error. Your form has not been submittedEmoji
This is what the server says:
There must be an @ at the beginning.
I will retry
Reply

Thanks

Our team will contact you soon!

Thanks!

We will review and publish your platform soon!

Done!

Thank you for joining us. See you later!

Get in Touch

Our excellent customer support team is ready to help.

Popup image
Built on Unicorn Platform