eCryptfs Parser is a GUI for Linux and Windows that recursively parses the headers of every eCryptfs file found in a given directory. It will tell you what encryption algorithm was used, the original filesize, signature used etc

Features

  • GUI runs in both Linux and Windows systems. Envisaged uses in Windows is with regard to the extraction of such files from a forensic image of disk.
  • Recursively explores every header of every eCryptfs file found in a given directory
  • Optional choice to SHA1 hash the files, or not
  • Calculates the original size of the file, before it was encrypted
  • Calculates header extent sizes
  • Calculates the encryption algorithm used (3DES, AES, Blowfish etc)
  • Displays what salt was used for the key generation
  • Signature of the File Encryption Key, to tie the ownership to a particular user
  • Full rendering of the whole header, with ability to copy and paste the whole grid to spreadsheet
  • Released under GNU with source code provided
  • Ability to export the results to CSV text file or HTML file for web browser

Project Samples

eCryptfs Parser v1.1.0 running in Windows XP Pro eCryptfs Parser v1.1.0 running in Ubuntu/GNU Linux 10.04

Project Activity

See All Activity >

Categories

Encryption Algorithms

Follow eCryptfs Parser

eCryptfs Parser Web Site

nel_h2
MongoDB Atlas runs apps anywhere Icon
MongoDB Atlas runs apps anywhere

Deploy in 115+ regions with the modern database for every enterprise.

MongoDB Atlas gives you the freedom to build and run modern applications anywhere—across AWS, Azure, and Google Cloud. With global availability in over 115 regions, Atlas lets you deploy close to your users, meet compliance needs, and scale with confidence across any geography.
Start Free

Additional Project Details

Registered

2011-07-04
Report inappropriate content