Linux Forensics Tools Repository: Package Summary for Packages on February 15, 2012:

  • bulk_extractor-1.2.0-1.{fc13,fc14,fc15,fc16,el5,el6}.{i686,x86_64}.rpm - Bulk_extractor is a C++ program that scans a disk image, a file, or a directory of files and extracts useful information without parsing the file system or file system structures. The results are stored in feature files that can be easily inspected, parsed, or processed with automated tools. Bulk_extractor also created a histograms of features that it finds, as features that are more common tend to be more important. See this Changelog for a list of changes.
  • libewf-{,devel,tools}-20120122-1.{fc13,fc14,fc15,fc16,el5,el6}.{i386,x86_64}.rpm - Libewf is a library for support of the Expert Witness Compression Format (EWF). It supports both the SMART (EWF-S01) and EnCase (EWF-E01) format. Libewf allows you to read and write EWF files. Recent versions also support the LEV (EWF-L01) format. Note the following:
    • This version provides the development environment for Version 2 of the API using the libewf-devel package. If the Version 1 API is required, install a version of libewf-devel from 2010, for example version 20100226.
    • This version provides the runtime environment for both Version 1 and Version 2 of the API. This means that both libewf.so.1 and libewf.so.2 are provided in this package for all supported operating systems and architectures.
    • This version provides the a set of tools (libewf-tools) that replace ewftools.