Skip to content

A Digital Forensics project on Windows EFS. Demonstrates identifying encrypted files, extracting File Encryption Keys (FEKs), retrieving private keys from certificates, and decrypting file contents using tools like Sleuth Kit, Mimikatz, OpenSSL, and AES decryption.

Notifications You must be signed in to change notification settings

samibutt77/EFS-Key-Extraction-File-Decryption

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

2 Commits
 
 
 
 
 
 

Repository files navigation

EFSParser.zip Password: efs12345678

Disable any antivirus before extracting & running

About

A Digital Forensics project on Windows EFS. Demonstrates identifying encrypted files, extracting File Encryption Keys (FEKs), retrieving private keys from certificates, and decrypting file contents using tools like Sleuth Kit, Mimikatz, OpenSSL, and AES decryption.

Topics

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published