TSCOPY

TScopy is a Python script used to parse the NTFS $MFT file to locate and copy specific files.

View on GitHub

TSCOPY

TScopy is a Python script used to parse the NTFS $MFT file to locate and copy specific files. By parsing the Master File Table (MFT), the script bypasses operating system locks on files. The script was originally based on the work of RawCopy. RawCopy is written in AutoIT and is difficult to modify for our purposes. The decision to port RawCopy to Python was done because of the need to incorporate this functionality natively into our toolset.

How to Get TScopy

Option 1
To download TScopy, type the following command in Linux:
git clone https://github.com/trustedsec/tscopy

Option 2
View on Git.

How to Get Help with TScopy
For bug reports or enhancements, please open an issue on this projects GitHub page.

Solutions

Services

About Us

TSCOPY