VMDK Forensic Artifact Extractor (VFAE) download

VFAE is windows based tool written in C++ that extracts files from VMDK images running the Windows operating system. The tool utilizes the VDDK (Virtual Disk Development Kit) API for the heavy lifting such as mounting, opening, and reading the VMDK selected. When vfae.exe is executed, it copies out files from the off-line VMDK file. The application allows the user to conduct a quick triage of the Windows
directory structure by outputting the results to a specific output file. Additionally, it conducts a pre and post MD5 hash value of the VMDK itself if needed. For specific file searching purposes, it searches for any file type within the off-line VMDK based on a passed in argument via the command-line. Furthermore, you can extract those files that were found in a hard-coded "Extracted Files" directory as well as
provide the MD5 hash of each file that was extracted.

Features

Can perform pre and post MD5 hashing for your VMDK's.
Triage directory structure of windows based operating systems (virtual).
Search for specific file types after triage has taken place.
Extract files from off-line VMDK files to local disk with MD5 hash values of each file.

Project Activity

See All Activity >

License

GNU General Public License version 2.0 (GPLv2)

Follow VMDK Forensic Artifact Extractor (VFAE)

VMDK Forensic Artifact Extractor (VFAE) Web Site

Other Useful Business Software

Our Free Plans just got better! | Auth0 by Okta

With up to 25k MAUs and unlimited Okta connections, our Free Plan lets you focus on what you do best—building great apps.

You asked, we delivered! Auth0 is excited to expand our Free and Paid plans to include more options so you can focus on building, deploying, and scaling applications without having to worry about your secuirty. Auth0 now, thank yourself later.

Try free now

Rate This Project

User Reviews

Be the first to post a review of VMDK Forensic Artifact Extractor (VFAE)!

Additional Project Details

Operating Systems

Windows

Intended Audience

Advanced End Users

User Interface

Command-line

Programming Language

C++

Related Categories

C++ Software Development Software

Registered

2011-04-07

Similar Business Software

Pdftools

Whether you have thousands of documents or millions, Pdftools has the products and services to help make processing a breeze. Designed for document-heavy industries, Pdftools’ suite of SDKs and APIs are here to make your document workflows easier, faster, and stress-free. Built on SDKs and...

See Software
pdfRest

pdfRest API Toolkit was made by developers, for developers. Rapidly integrate PDF workflows with any business application, simply and seamlessly. pdfRest API Toolkit includes all of the PDF processing tools you'll need, to make your job easy. PDF to Word, PDF to Excel, PDF to PowerPoint, Add to...

See Software
Thinfinity Workspace

Thinfinity® Workspace 7 is a comprehensive, secure platform that offers a zero-trust approach, enabling secure and contextual access to corporate virtual desktops, virtual applications, internal web apps, SaaS, and files, whether they are on Windows, Linux, or mainframes. It supports various...

See Software