Home

Awesome

ArtifactExtractor

ArtifactExtractor is a script that extracts common Windows artifacts from source images and VSCs.

Artifacts in VSCs will be checked (via hash) if they are different from a later VSC/image copy before extraction.

Dependencies

None if using release executable on Windows.

Else:

  1. Install backports.lzma
    • Windows: Use latest wheel file available from here
    • Linux: Use a package manager, e.g. sudo apt install liblzma-dev
  2. Install libewf
  3. (Windows ONLY) Install pywin32: pip install pywin32
  4. Install remaining requirements: use requirements.txt
    • Use pip: pip install -r requirements.txt

Usage

  1. Create destination directory
  2. artifact_extractor.exe <source image> <dest dir> [-a <selected artifacts>] or artifact_extractor.exe -h for more options

Credits

Joachim Metz and his libraries

John Corcoran for Unix Compatibility