An easy-to-use wrapper for NTFS-3G on macOS

Related tags

Security related resourcespythonmacosntfsntfs-3g
Overview

ezNTFS

ezNTFS is an easy-to-use wrapper for NTFS-3G on macOS.

ezNTFS can be used as a menu bar app, or via the CLI in the terminal.

Installation

To use ezNTFS, you will need Python 3, FUSE for macOS (osxfuse), and NTFS-3G installed in your system.

To install NTFS-3G, you may compile and install it yourself (recommended, see instructions at the end), or you may also install it via brew.

To install ezNTFS, run:

$ pip3 install ezntfs

It should be accessible from the terminal afterwards.

To configure the menu bar app, run the command after installing ezNTFS:

$ sudo ezntfs-app install

This command adds ntfs-3g to a sudoers file, and automatically launches the app on start-up. The app will also be launched right after install.

NOTE: The app icon will only show up if there are NTFS volumes plugged in. You may also need to grant Python access to removable volumes for this to work.

Usage (CLI)

Mount all read-only NTFS volumes using ntfs-3g (root privileges are needed for mounting):

$ sudo ezntfs all

Mount a specific NTFS volume (run ezntfs list to find the disk id):

$ sudo ezntfs

Alternatives

Format as exFAT

  • Natively supported by macOS
  • exFAT is less reliable (no journaling), only use for flash drives

Auto-mount script

  • Setup requires disabling System Integrity Protection (SIP) or Sealed System Volume (SSV)
  • Mounts with NTFS-3G even when not needed, which may slow down reads

Mounty

  • Volumes won't show up on Finder
  • Writing via Apple's native NTFS driver is not officially supported

Tuxera NTFS driver

  • Not free
  • Mature (same developers as NTFS-3G)
  • Kernel driver, should be faster than FUSE

Paragon NTFS driver

Compiling and installing NTFS-3G

We recommend compiling and installing NTFS-3G yourself for security. This allows installing it as root, which keeps things secure when added to sudoers.

Instructions

# Clone the git repo (you may want to clone a newer version if available)
git clone --depth 1 --branch 2021.8.22 https://github.com/tuxera/ntfs-3g.git
cd ntfs-3g

# Install the dependencies needed for compilation
brew install autoconf automake libgcrypt libtool pkg-config gettext

# Compile and install ntfs-3g
export LDFLAGS=-lintl
./autogen.sh
./configure \
    --disable-debug \
    --disable-dependency-tracking \
    --with-fuse=external \
    --prefix=/usr/local \
    --exec-prefix=/usr/local \
    --mandir=/usr/local/share/man \
    --sbindir=/usr/local/sbin
make
sudo make install

# Delete the cloned git repo
rm -r .
Owner
Matthew Go
Stuck in a rabbit hole. Send help!
Matthew Go
GitHub Repository
Obfuscated Gradients Give a False Sense of Security: Circumventing Defenses to Adversarial Examples

Obfuscated Gradients Give a False Sense of Security: Circumventing Defenses to Adversarial Examples Above is an adversarial example: the slightly pert

Anish Athalye 838 Dec 18, 2022
A terminal based web shell controller

shell-hack Tribute to Chinese ant sword; A Powerful terminal based webshell controller; Usage : Usage : python3 shell-hack.py --url [URL] --w

s1mple 10 Dec 28, 2021
Use scrapli to retrieve security zone information from a Juniper SRX firewall

Get Security Zones with Scrapli Overview This example will show how to retrieve security zone information on Juniper's SRX firewalls. In addition to t

Calvin Remsburg 2 Jun 19, 2022
Click-Jack - Automatic tool to find Clickjacking Vulnerability in various Web applications

CLICK-Jack It is a automatic tool to find Clickjacking Vulnerability in various

Prince Prafull 4 Jan 10, 2022
Password List Maker

Red-Key Red-Key Password List Maker Version 1.1.2 Created By FireKing255 -=Features=- Create Random Password List Create Password List Create Password

FireKing255 7 Dec 26, 2021
A tool to find good RCE From my series: A powerful Burp extension to make bounties rain

A tool to find good RCE From my series: A powerful Burp extension to make bounties rain

52 Dec 16, 2022
Find exposed API keys based on RegEx and get exploitation methods for some of keys that are found

dora Features Blazing fast as we are using ripgrep in backend Exploit/PoC steps for many of the API key, allowing to write a good report for bug bount

Siddharth Dushantha 243 Dec 27, 2022
labsecurity is a tool that brings together python scripts made for ethical hacking, in a single tool, through a console interface

labsecurity labsecurity is a tool that brings together python scripts made for ethical hacking, in a single tool, through a console interface. Warning

Dylan Meca 16 Dec 08, 2022
CVE-2021-26855: PoC (Not a HoneyPoC for once!)

Exch-CVE-2021-26855 ProxyLogon is the formally generic name for CVE-2021-26855, a vulnerability on Microsoft Exchange Server that allows an attacker b

ZephrFish 24 Nov 14, 2022
CVE-2021-36798 Exp: Cobalt Strike < 4.4 Dos

A denial of service (DoS) vulnerability (CVE-2021-36798) was found in Cobalt Strike. The vulnerability was fixed in the scope of the 4.4 release. More

104 Nov 09, 2022
A simple way to store your passwords without requiring third party applications

SimplePasswordManager A simple way to store your passwords without requiring third party applications Simple To Use. Store Your Passwords For Each Web

Leone Odinga 1 Dec 23, 2021
The self-hostable proxy tunnel

TTUN Server The self-hostable proxy tunnel. Running Running: docker run -e TUNNEL_DOMAIN=Your tunnel domain -e SECURE=True if using SSL ghcr.io/to

Tom van der Lee 2 Jan 11, 2022
A small script to export all AWAF policies from a BIG-IP device

This script leverages BIG-IP iControl REST API to export ALL AWAF policies in the system and saves them locally. The policies can be exported in the following formats: xml, plc and json.

3 Feb 03, 2022
POC of CVE-2021-26084, which is Atlassian Confluence Server OGNL Pre-Auth RCE Injection Vulneralibity.

CVE-2021-26084 Description POC of CVE-2021-26084, which is Atlassian Confluence Server OGNL(Object-Graph Navigation Language) Pre-Auth RCE Injection V

antx 9 Aug 31, 2022
An open-source post-exploitation framework for students, researchers and developers.

Questions? Join the Discord support server Disclaimer: This project should be used for authorized testing or educational purposes only. BYOB is an ope

dvm 8.1k Dec 31, 2022
Confluence Server Webwork OGNL injection

CVE-2021-26084 - Confluence Server Webwork OGNL injection An OGNL injection vulnerability exists that would allow an authenticated user and in some in

Fellipe Oliveira 295 Jan 06, 2023
利用NTLM Hash读取Exchange邮件

GetMail 利用NTLM Hash读取Exchange邮件:在进行内网渗透时候,我们经常拿到的是账号的Hash凭据而不是明文口令。在这种情况下采用邮件客户端或者WEBMAIL的方式读取邮件就很麻烦,需要进行破解,NTLM的破解主要依靠字典强度,破解概率并不是很大。

<a href=[email protected]"> 388 Dec 27, 2022
Just another script for automatize boolean-based blind SQL injections.

SQL Blind Injection Tool A script for automatize boolean-based blind SQL injections. Works with SQLite at least, supports using cookies. It uses bitwi

RIM 51 Dec 15, 2022
A forensic collection tool written in Python.

CHIRP A forensic collection tool written in Python. Watch the video overview 📝 Table of Contents 📝 Table of Contents 🧐 About 🏁 Getting Started Pre

Cybersecurity and Infrastructure Security Agency 1k Dec 09, 2022
This enforces signatures for CVE-2021-44228 across all policies on a BIG-IP ASM device

f5-waf-enforce-sigs-CVE-2021-44228 This enforces signatures for CVE-2021-44228 across all policies on a BIG-IP ASM device Overview This script enforce

Ismael Gonçalves 5 Mar 31, 2022