diff options
author | Omer BenAmram <omerbenamram@gmail.com> | 2019-06-05 08:41:10 +0300 |
---|---|---|
committer | GitHub <noreply@github.com> | 2019-06-05 08:41:10 +0300 |
commit | c2e59b9c88f28ff79dca7f166c1d911e4600976a (patch) | |
tree | c81d28b390dca826674a251d183e9392f93076eb | |
parent | 971c768c97d08f615a6057fcd7138220ab9cfa16 (diff) | |
parent | 176be4f552a040aa6abfca0ce9cd5f153ad0c806 (diff) |
Merge pull request #7 from oylenshpeegul/patch-1
Typo: input file, not evtx file
-rw-r--r-- | README.md | 4 |
1 files changed, 2 insertions, 2 deletions
@@ -25,8 +25,8 @@ Python bindings are available as well at https://github.com/omerbenamram/pymft-r The main binary utility provided with this crate is `mft_dump`, and it provides a quick way to convert mft snapshots to different output formats. Some examples - - `mft_dump <evtx_file>` will dump contents of mft entries as JSON. - - `mft_dump -o csv <evtx_file>` will dump contents of mft entries as CSV. + - `mft_dump <input_file>` will dump contents of mft entries as JSON. + - `mft_dump -o csv <input_file>` will dump contents of mft entries as CSV. - `mft_dump --extract-resident-streams <output_directory> -o json <input_file>` will extract all resident streams in MFT to files in <output_directory>. # Library usage: |