MFT Explorer

A forensic analysis tool for parsing the NTFS Master File Table to reconstruct file system activity and artifact timelines.

Jan 12, 2026

∙ Paid

MFT Explorer is a Windows forensics utility developed by Eric Zimmerman for analyzing the NTFS Master File Table (MFT). The MFT is the core metadata structure of NTFS file systems and records detaile…

Continue reading this post for free, courtesy of CyberMaterial.

Or purchase a paid subscription.