Finding executables in strange places (e.g. malware) can be hard because of the number of paths extracted from an MFT, or when looking through a dir/file listing within a forensic tool. exefinder is a very simple tool that takes a list of file paths, identifies any .exe files, sorts them, and writes the result to a file. It is not rocket science and could easily be solved using the bash command line.
For example, an MFT containing 500K entries was reduced to about 2K.
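The bash approach mentioned above, as an added example that is not exefinder's own code: the function name `exe_paths` and the sample paths are constructed for illustration. It goes slightly beyond the description by stripping Windows line endings and treating paths that differ only in case as duplicates, since MFT path exports usually come from Windows tooling.

```shell
#!/usr/bin/env bash
# exe_paths SRC DST
# Read one file path per line from SRC and write the sorted,
# de-duplicated paths that end in .exe (any case) to DST.
exe_paths() {
    src=$1
    dst=$2
    # 1. tr    : drop carriage returns left by Windows (CRLF) exports
    # 2. sed   : drop trailing whitespace so "foo.exe  " still matches
    # 3. grep  : keep lines whose final extension is .exe; this skips
    #            names such as app.exe.config
    # 4. sort  : -f folds case (Windows paths are case-insensitive),
    #            -u removes duplicates; LC_ALL=C keeps ordering stable
    tr -d '\r' < "$src" \
        | sed 's/[[:space:]]*$//' \
        | grep -i '\.exe$' \
        | LC_ALL=C sort -f -u > "$dst"
}

# Constructed sample standing in for a path list extracted from an MFT.
sample_in=$(mktemp)
sample_out=$(mktemp)
printf '%s\r\n' \
    'C:\Windows\System32\cmd.exe' \
    'C:\Users\alice\AppData\Local\Temp\update.EXE' \
    'C:\Users\alice\Documents\report.docx' \
    'C:\Program Files\App\app.exe.config' \
    'C:\Windows\System32\cmd.exe' \
    'C:\$Recycle.Bin\S-1-5-21\setup.exe' > "$sample_in"

exe_paths "$sample_in" "$sample_out"
cat "$sample_out"
```

The six sample lines reduce to three: the `.docx` and `.exe.config` entries are dropped and the duplicate `cmd.exe` is collapsed.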
- CommandLine: Used for command line parsing
Microsoft .NET Framework v4.5