samibutt77 / EFS-Key-Extraction-File-Decryption Public

Notifications You must be signed in to change notification settings
Fork 0
Star 0

A Digital Forensics project on Windows EFS. Demonstrates identifying encrypted files, extracting File Encryption Keys (FEKs), retrieving private keys from certificates, and decrypting file contents using tools like Sleuth Kit, Mimikatz, OpenSSL, and AES decryption.

0 stars 0 forks Branches Tags Activity

Notifications

Name		Name	Last commit message	Last commit date
Latest commit History 2 Commits
EFSParser.zip		EFSParser.zip
README.md		README.md
UserGuide.docx		UserGuide.docx

Repository files navigation

EFSParser.zip Password: efs12345678

Disable any antivirus before extracting & running

About

A Digital Forensics project on Windows EFS. Demonstrates identifying encrypted files, extracting File Encryption Keys (FEKs), retrieving private keys from certificates, and decrypting file contents using tools like Sleuth Kit, Mimikatz, OpenSSL, and AES decryption.

digitalforensics

Report repository

Releases

No releases published

Packages

No packages published