LiFTeR: Changes for rekall
- November 16, 2018: rekall-1.7.2-1.{fc23,fc24,fc25,fc26,fc27,fc28,fc29,el7}.{i686,x86_64}.rpm - Rekall is an advanced forensic and incident response framework.
While it began life purely as a memory forensic framework, it has now evolved into a complete platform.
Rekall implements the most advanced analysis techniques in the field, while still being developed in the open, with a free and open source license. Many of the innovations implemented within Rekall have been published in
peer reviewed papers.
Note that this package has been installed in the forensics-test repository for now. To install rekall on your system, you first need to enable this repository by running this command for Fedora:
sudo dnf config-manager --set-enabled forensics-test
or this command for CentOS/RHEL:
sudo yum-config-manager --enable forensics-test
Please report any problems with rekall to
Please note that the installation of all of these ancillary packages neede by rekall use the pip program in a Python Virtual Environment. Insure that pip works correctly in your environment by connfiguring the /etc/pip.conf file according to the configuration guide found here.