Difference between revisions of "Libesedb"

From ForensicsWiki
Jump to: navigation, search
(External Links)
Line 8: Line 8:
 
}}
 
}}
  
'''libesedb''' is a library currently under development to read the [[Extensible Storage Engine (ESE) Database File (EDB) format | EDB File]] format. Intended for [[Linux]] systems, the library should also work on other platforms.
+
The '''libesedb''' package contains a library and applications to read the [[Extensible Storage Engine (ESE) Database File (EDB) format | EDB File]] format.
  
The [[Extensible Storage Engine (ESE) Database File (EDB) format | EDB File]] format is used by many Microsoft application to store data such as:
+
The [[Extensible Storage Engine (ESE) Database File (EDB) format | EDB File]] format is used by many Microsoft applications to store data such as:
 
* Active Directory (NTDS)
 
* Active Directory (NTDS)
 
* File Replication service (FRS)
 
* File Replication service (FRS)
Line 32: Line 32:
 
* Windows (Vista) Mail
 
* Windows (Vista) Mail
 
* Content Indexing/Windows (Desktop) Search
 
* Content Indexing/Windows (Desktop) Search
 +
 +
== History ==
 +
 +
Libesedb was created by [[Joachim Metz]] in 2009, while working for [http://en.hoffmannbv.nl/ Hoffmann Investigations].
 +
 +
== Tools ==
 +
The libesedb package contains the following tools:
 +
* '''esedbexport''', which exports the items stored in ESE database files.
 +
* '''esedbinfo''', which shows the information about ESE database files.
  
 
== External Links ==
 
== External Links ==
  
 
* [http://libesedb.sourceforge.net/ libesedb project site]
 
* [http://libesedb.sourceforge.net/ libesedb project site]

Revision as of 08:44, 11 December 2010

libesedb
Maintainer: Joachim Metz
OS: Linux, FreeBSD, NetBSD, OpenBSD, Mac OS X, Windows
Genre: Analysis
License: LGPL
Website: libesedb.sourceforge.net

The libesedb package contains a library and applications to read the EDB File format.

The EDB File format is used by many Microsoft applications to store data such as:

  • Active Directory (NTDS)
  • File Replication service (FRS)
  • Windows Internet Name service (WINS)
  • DHCP
  • Security Configuration Engine (SCE)
  • Certificate Server
  • Terminal Services Session folder
  • Terminal Services Licensing service
  • Catalog database
  • Help and Support Services
  • Directory Synchronization service (MSDSS)
  • Remote Storage (RSS)
  • Phone Book service
  • Single Instance Store (SIS) Groveler
  • Windows NT Backup/Restore
  • Exchange store
  • Microsoft Exchange folder (SRS and DXA)
  • Key Management service (KMS)
  • Instant Messaging
  • Windows (Vista) Mail
  • Content Indexing/Windows (Desktop) Search

History

Libesedb was created by Joachim Metz in 2009, while working for Hoffmann Investigations.

Tools

The libesedb package contains the following tools:

  • esedbexport, which exports the items stored in ESE database files.
  • esedbinfo, which shows the information about ESE database files.

External Links