Last updated: 2018-08-16 (Thu) 15:14:52 (2078d)
Debian/Packages/Forensics
Packages
forensics-all
- aesfix
- aeskeyfind
- afflib-tools
- bruteforce-salted-openssl
- cewl
- chaosreader
- crack or crack-md5
- dc3dd
- dislocker
- ed2k-hash
- ewf-tools
- exifprobe
- ext3grep
- ext4magic
- extundelete
- fcrackzip
- forensics-colorize
- galleta
- gpart
- grokevt
- guymager
- hashdeep
- hashrat
- mac-robber
- magicrescue
- memdump
- metacam
- missidentify
- myrescue
- nasty
- pasco
- pff-tools
- pipebench
- plaso
- pompem
- recoverdm
- recoverjpeg
- reglookup
- rekall-core
- rephrase
- rifiuti
- rifiuti2
- rkhunter
- rsakeyfind
- safecopy
- scalpel
- scrounge-ntfs
- shed
- sleuthkit
- ssdeep
- steghide
- tableau-parm
- undbx
- unhide
- unhide.rb
- vinetto
- volatility
- volatility-tools
- winregfs
- wipe
- yara
List
- https://michael-prokop.at/blog/2017/05/25/the-newinstretch-game-new-forensic-packages-in-debianstretch/
- bruteforce-salted-openssl: try to find the passphrase for files encrypted with OpenSSL
- cewl: custom word list generator
- dfdatetime/python-dfdatetime: Digital Forensics date and time library
- dfvfs/python-dfvfs: Digital Forensics Virtual File System
- dfwinreg: Digital Forensics Windows Registry library
- dislocker: read/write encrypted BitLocker volumes
- forensics-all: Debian Forensics Environment – essential components (metapackage)
- forensics-colorize: show differences between files using color graphics
- forensics-extra: Forensics Environment – extra console components (metapackage)
- hashdeep: recursively compute hashsums or piecewise hashings
- hashrat: hashing tool supporting several hashes and recursivity
- libesedb-utils: Extensible Storage Engine DB access library
- libevt-utils: Windows Event Log (EVT) format access library
- libevtx-utils: Windows XML Event Log format access library
- libfsntfs-utils: NTFS access library
- libfvde-utils: FileVault Drive Encryption access library
- libfwnt: Windows NT data type library
- libfwsi: Windows Shell Item format access library
- liblnk-utils: Windows Shortcut File format access library
- libmsiecf-utils: Microsoft Internet Explorer Cache File access library
- libolecf-utils: OLE2 Compound File format access library
- libqcow-utils: QEMU Copy-On-Write image format access library
- libregf-utils: Windows NT Registry File (REGF) format access library
- libscca-utils: Windows Prefetch File access library
- libsigscan-utils: binary signature scanning library
- libsmdev-utils: storage media device access library
- libsmraw-utils: split RAW image format access library
- libvhdi-utils: Virtual Hard Disk image format access library
- libvmdk-utils: VMWare Virtual Disk format access library
- libvshadow-utils: Volume Shadow Snapshot format access library
- libvslvm-utils: Linux LVM volume system format access library
- plaso: super timeline all the things
- pompem: Exploit and Vulnerability Finder
- pytsk/python-tsk: Python Bindings for The Sleuth Kit
- rekall(-core): memory analysis and incident response framework
- unhide.rb: Forensic tool to find processes hidden by rootkits (was already present in wheezy but missing in jessie, available via jessie-backports though)
- winregfs: Windows registry FUSE filesystem