You are browsing the archive for HMFT.

Finding Alternate Data Streams (ADS) with HMFT

October 4, 2012 in Compromise Detection, Forensic Analysis, HMFT, Malware Analysis, Tips & Tricks

Finding Alternate Data StreamsĀ  (ADS) on the whole drive may be quite time consuming so in this quick post I will show you how to do it faster with HMFT. […]

HMFT update: listing $MFT attributes

September 29, 2012 in Compromise Detection, Forensic Analysis, HMFT, Malware Analysis, Software Releases

A few months back I released the first version of HMFT – a small utility written in x86 assembly that reads $MFT directly from a physical disk (or raw image […]