Difference between revisions of "Libesedb"

From ForensicsWiki
Jump to: navigation, search
Line 10: Line 10:
 
'''libesedb''' is a library currently under development to read the [[Extensible Storage Engine (ESE) Database File (EDB) format | EDB File]] format. Intended for [[Linux]] systems, the library should also work on other platforms.
 
'''libesedb''' is a library currently under development to read the [[Extensible Storage Engine (ESE) Database File (EDB) format | EDB File]] format. Intended for [[Linux]] systems, the library should also work on other platforms.
  
The [[Extensible Storage Engine (ESE) Database File (EDB) format | EDB File]] format is used by many Microsoft application to store data such as Windows (Vista) Mail, Windows Search, Active Directory and
+
The [[Extensible Storage Engine (ESE) Database File (EDB) format | EDB File]] format is used by many Microsoft application to store data such as:
Exchange.
+
 
+
Several Windows applications use ESE to store its data:
+
 
* Active Directory (NTDS)
 
* Active Directory (NTDS)
 
* File Replication service (FRS)
 
* File Replication service (FRS)
Line 33: Line 30:
 
* Key Management service (KMS)
 
* Key Management service (KMS)
 
* Instant Messaging
 
* Instant Messaging
* Content Indexing
+
* Windows (Vista) Mail
 +
* Content Indexing/Windows (Desktop) Search
  
 
== External Links ==
 
== External Links ==
  
 
* [http://libesedb.sourceforge.net/ Official web site]
 
* [http://libesedb.sourceforge.net/ Official web site]

Revision as of 09:07, 11 December 2010

libesedb
Maintainer: Joachim Metz
OS: Linux, FreeBSD, NetBSD, OpenBSD, Mac OS X, Windows
Genre: Analysis
License: LGPL
Website: libesedb.sourceforge.net

libesedb is a library currently under development to read the EDB File format. Intended for Linux systems, the library should also work on other platforms.

The EDB File format is used by many Microsoft application to store data such as:

  • Active Directory (NTDS)
  • File Replication service (FRS)
  • Windows Internet Name service (WINS)
  • DHCP
  • Security Configuration Engine (SCE)
  • Certificate Server
  • Terminal Services Session folder
  • Terminal Services Licensing service
  • Catalog database
  • Help and Support Services
  • Directory Synchronization service (MSDSS)
  • Remote Storage (RSS)
  • Phone Book service
  • Single Instance Store (SIS) Groveler
  • Windows NT Backup/Restore
  • Exchange store
  • Microsoft Exchange folder (SRS and DXA)
  • Key Management service (KMS)
  • Instant Messaging
  • Windows (Vista) Mail
  • Content Indexing/Windows (Desktop) Search

External Links