extundelete

Recover deleted files from ext3 or ext4 partitions by parsing the journal.

TLDR

Restore all deleted files inside partition N on device X

$ sudo extundelete [/dev/sdXN] --restore-all
copy

Restore a file from a path relative to root (Do not start the path with /)

$ extundelete [/dev/sdXN] --restore-file [path/to/file]
copy

Restore a directory from a path relative to root (Do not start the path with /)

$ extundelete [/dev/sdXN] --restore-directory [path/to/directory]
copy

Restore all files deleted after January 1st, 2020 (in Unix time)

$ extundelete [/dev/sdXN] --restore-all --after [1577840400]
copy

Copied to clipboard
realt