Last updated: 2018-08-16 (Thu) 15:14:52 (2074d)

Debian/Packages/Forensics

Packages

forensics-all

  • aesfix
  • aeskeyfind
  • afflib-tools
  • bruteforce-salted-openssl
  • cewl
  • chaosreader
  • crack or crack-md5
  • dc3dd
  • dislocker
  • ed2k-hash
  • ewf-tools
  • exifprobe
  • ext3grep
  • ext4magic
  • extundelete
  • fcrackzip
  • forensics-colorize
  • galleta
  • gpart
  • grokevt
  • guymager
  • hashdeep
  • hashrat
  • mac-robber
  • magicrescue
  • memdump
  • metacam
  • missidentify
  • myrescue
  • nasty
  • pasco
  • pff-tools
  • pipebench
  • plaso
  • pompem
  • recoverdm
  • recoverjpeg
  • reglookup
  • rekall-core
  • rephrase
  • rifiuti
  • rifiuti2
  • rkhunter
  • rsakeyfind
  • safecopy
  • scalpel
  • scrounge-ntfs
  • shed
  • sleuthkit
  • ssdeep
  • steghide
  • tableau-parm
  • undbx
  • unhide
  • unhide.rb
  • vinetto
  • volatility
  • volatility-tools
  • winregfs
  • wipe
  • yara

List

  • https://michael-prokop.at/blog/2017/05/25/the-newinstretch-game-new-forensic-packages-in-debianstretch/
    bruteforce-salted-openssl: try to find the passphrase for files encrypted with OpenSSL
    cewl: custom word list generator
    dfdatetime/python-dfdatetime: Digital Forensics date and time library
    dfvfs/python-dfvfs: Digital Forensics Virtual File System
    dfwinreg: Digital Forensics Windows Registry library
    dislocker: read/write encrypted BitLocker volumes
    forensics-all: Debian Forensics Environment – essential components (metapackage)
    forensics-colorize: show differences between files using color graphics
    forensics-extra: Forensics Environment – extra console components (metapackage)
    hashdeep: recursively compute hashsums or piecewise hashings
    hashrat: hashing tool supporting several hashes and recursivity
    libesedb-utils: Extensible Storage Engine DB access library
    libevt-utils: Windows Event Log (EVT) format access library
    libevtx-utils: Windows XML Event Log format access library
    libfsntfs-utils: NTFS access library
    libfvde-utils: FileVault Drive Encryption access library
    libfwnt: Windows NT data type library
    libfwsi: Windows Shell Item format access library
    liblnk-utils: Windows Shortcut File format access library
    libmsiecf-utils: Microsoft Internet Explorer Cache File access library
    libolecf-utils: OLE2 Compound File format access library
    libqcow-utils: QEMU Copy-On-Write image format access library
    libregf-utils: Windows NT Registry File (REGF) format access library
    libscca-utils: Windows Prefetch File access library
    libsigscan-utils: binary signature scanning library
    libsmdev-utils: storage media device access library
    libsmraw-utils: split RAW image format access library
    libvhdi-utils: Virtual Hard Disk image format access library
    libvmdk-utils: VMWare Virtual Disk format access library
    libvshadow-utils: Volume Shadow Snapshot format access library
    libvslvm-utils: Linux LVM volume system format access library
    plaso: super timeline all the things
    pompem: Exploit and Vulnerability Finder
    pytsk/python-tsk: Python Bindings for The Sleuth Kit
    rekall(-core): memory analysis and incident response framework
    unhide.rb: Forensic tool to find processes hidden by rootkits (was already present in wheezy but missing in jessie, available via jessie-backports though)
    winregfs: Windows registry FUSE filesystem