What is the difference between `SetMace` and `FileTimeControl_NTAPI` in terms of modifying file time attributes?
`SetMace` can read all four time attributes (including MFTChangeTime) but cannot modify them on modern Windows (NT 6.x+) unless driver signing is bypassed. `FileTimeControl_NTAPI`, which is based on Metasploit's `timestomp` code, can both read and modify all four attributes without needing a driver, but it currently does not support folder operations. For folders, you must use `FileTimeControl_WinAPI` to modify CreateTime, AccessTime, and LastWriteTime. These tools are discussed in detail in the article "Penetration Techniques - Time Attributes of NTFS Files in Windows".
SetMace, FileTimeControl, timestomp, NTAPI, WinAPI, driver signing