Difference between revisions of "Libesedb"

From Forensics Wiki
Jump to: navigation, search
Line 9: Line 9:
  
 
The '''libesedb''' package contains a library and applications to read  the [[Extensible Storage Engine (ESE) Database File (EDB) format | EDB File]] format.
 
The '''libesedb''' package contains a library and applications to read  the [[Extensible Storage Engine (ESE) Database File (EDB) format | EDB File]] format.
 
The [[Extensible Storage Engine (ESE) Database File (EDB) format | EDB File]] format is used by many Microsoft applications to store data such as:
 
* Active Directory (NTDS)
 
* File Replication service (FRS)
 
* Windows Internet Name service (WINS)
 
* DHCP
 
* Security Configuration Engine (SCE)
 
* Certificate Server
 
* Terminal Services Session folder
 
* Terminal Services Licensing service
 
* Catalog database
 
* Help and Support Services
 
* Directory Synchronization service (MSDSS)
 
* Remote Storage (RSS)
 
* Phone Book service
 
* Single Instance Store (SIS) Groveler
 
* Windows NT Backup/Restore
 
* Exchange store
 
* Microsoft Exchange folder (SRS and DXA)
 
* Key Management service (KMS)
 
* Instant Messaging
 
* Windows (Vista) Mail
 
* Content Indexing/Windows (Desktop) Search
 
  
 
== History ==  
 
== History ==  

Revision as of 08:45, 11 December 2010

libesedb
Maintainer: Joachim Metz
OS: Linux, FreeBSD, NetBSD, OpenBSD, Mac OS X, Windows
Genre: Analysis
License: LGPL
Website: libesedb.sourceforge.net

The libesedb package contains a library and applications to read the EDB File format.

History

Libesedb was created by Joachim Metz in 2009, while working for Hoffmann Investigations.

Tools

The libesedb package contains the following tools:

  • esedbexport, which exports the items stored in ESE database files.
  • esedbinfo, which shows the information about ESE database files.

External Links