Vortex MFT

NTFS Forensic Parser

NTFS forensic parser for raw physical disk analysis. Extracts $MFT, $UsnJrnl, $Logfile, and $I30 with built-in anomaly detection for hidden threats.

• Raw Physical Access to NTFS structures
• Automated Triage: 27 unique anomaly rules
• Full USN Journal and Transaction decoding