Open flyguy62n opened 5 months ago
NTFS ADS can be used to write additional content into a separate stream where the file name is of the form 'file name:stream'.
As a PIIDigger user, data written to an alternate data stream should be evaluated.
For each file on an NTFS volume, enumerate any ADS.
Add the ADS file name 'filename:stream' to the queue of files to be processed by the file handler
Files with handleable and in-handleable ADS should be added to the 'testdata' folder.
https://github.com/RobinDavid/pyADS
flyguy62n
commented
5 months ago flyguy62n
commented
5 months ago
Problem
NTFS ADS can be used to write additional content into a separate stream where the file name is of the form 'file name:stream'.
User Story
As a PIIDigger user, data written to an alternate data stream should be evaluated.
Requirements
Inputs
For each file on an NTFS volume, enumerate any ADS.
Outputs
Add the ADS file name 'filename:stream' to the queue of files to be processed by the file handler
Unit Tests
Files with handleable and in-handleable ADS should be added to the 'testdata' folder.