eCryptfs Parser is a GUI for Linux and Windows that recursively parses the headers of every eCryptfs file found in a given directory. It will tell you what encryption algorithm was used, the original filesize, signature used etc

Features

  • GUI runs in both Linux and Windows systems. Envisaged uses in Windows is with regard to the extraction of such files from a forensic image of disk.
  • Recursively explores every header of every eCryptfs file found in a given directory
  • Optional choice to SHA1 hash the files, or not
  • Calculates the original size of the file, before it was encrypted
  • Calculates header extent sizes
  • Calculates the encryption algorithm used (3DES, AES, Blowfish etc)
  • Displays what salt was used for the key generation
  • Signature of the File Encryption Key, to tie the ownership to a particular user
  • Full rendering of the whole header, with ability to copy and paste the whole grid to spreadsheet
  • Released under GNU with source code provided
  • Ability to export the results to CSV text file or HTML file for web browser

Project Samples

eCryptfs Parser v1.1.0 running in Windows XP Pro eCryptfs Parser v1.1.0 running in Ubuntu/GNU Linux 10.04

Project Activity

See All Activity >

Categories

Encryption Algorithms

Follow eCryptfs Parser

eCryptfs Parser Web Site

Other Useful Business Software
Build Securely on AWS with Proven Frameworks Icon
Build Securely on AWS with Proven Frameworks

Lay a foundation for success with Tested Reference Architectures developed by Fortinet’s experts. Learn more in this white paper.

Moving to the cloud brings new challenges. How can you manage a larger attack surface while ensuring great network performance? Turn to Fortinet’s Tested Reference Architectures, blueprints for designing and securing cloud environments built by cybersecurity experts. Learn more and explore use cases in this white paper.
Download Now

Additional Project Details

Registered

2011-07-04
Report inappropriate content