Linux Forensics Tools Repository: Package Summary for Packages on August 3, 2011:

  • Volatility-2.0-2.{fc12,fc13,fc14,fc15,el5,el6}.{i386,x86_64}.rpm - The Volatility Framework is a completely open collection of tools, implemented in Python under the GNU General Public License, for the extraction of digital artifacts from volatile memory (RAM) samples. This package was updated because the versions for RHEL/CentOS were incorrectly configured.
  • regripper-20110518-2.{fc12,fc13,fc14,fc15,el5,el6}.noarch.rpm - regripper is a Windows Registry data extraction and correlation tool. This version installs all of the plugins available at this link.
  • perl-DateTime-Format-WindowsFileTime-0.02-1.{fc12,fc13,fc14,fc15,el5,el6}.noarch.rpm - perl-DateTime-Format-WindowsFileTime converts a Windows FILETIME into a DateTime object. The Windows FILETIME structure holds a date and time associated with a file. The structure identifies a 64-bit integer specifying the number of 100-nanosecond intervals which have passed since January 1, 1601. This package was built and installed in support of regripper.