NTFS Log Tracker
This tool can parse $LogFile, $UsnJrnl of NTFS.
A input of this tool is sample file extracted by another tool like Encase, Winhex.
If you want to see "Full Path" information, you should input $MFT file.
A time information is local time.(system's time)
Rate this listing
Free and/or open-source software (FOSS)
Be the first to review this listing!
Previous listing in Forensic Utilities - Windows
Next listing in Forensic Utilities - Windows
Copyright | DFIR Training