eCryptfs Parser is a GUI for Linux and Windows that recursively parses the headers of every eCryptfs file found in a given directory. It will tell you what encryption algorithm was used, the original filesize, signature used etc

Features

  • GUI runs in both Linux and Windows systems. Envisaged uses in Windows is with regard to the extraction of such files from a forensic image of disk.
  • Recursively explores every header of every eCryptfs file found in a given directory
  • Optional choice to SHA1 hash the files, or not
  • Calculates the original size of the file, before it was encrypted
  • Calculates header extent sizes
  • Calculates the encryption algorithm used (3DES, AES, Blowfish etc)
  • Displays what salt was used for the key generation
  • Signature of the File Encryption Key, to tie the ownership to a particular user
  • Full rendering of the whole header, with ability to copy and paste the whole grid to spreadsheet
  • Released under GNU with source code provided
  • Ability to export the results to CSV text file or HTML file for web browser

Project Samples

eCryptfs Parser v1.1.0 running in Windows XP Pro eCryptfs Parser v1.1.0 running in Ubuntu/GNU Linux 10.04

Project Activity

See All Activity >

Categories

Encryption Algorithms

Follow eCryptfs Parser

eCryptfs Parser Web Site

You Might Also Like
Red Hat Ansible Automation Platform on Microsoft Azure Icon
Red Hat Ansible Automation Platform on Microsoft Azure

Red Hat Ansible Automation Platform on Azure allows you to quickly deploy, automate, and manage resources securely and at scale.

Deploy Red Hat Ansible Automation Platform on Microsoft Azure for a strategic automation solution that allows you to orchestrate, govern and operationalize your Azure environment.
Learn More

Additional Project Details

Registered

2011-07-04
Report inappropriate content