Linux Forensics Tools Repository: Package Summary for Packages on February 24, 2012:

  • regripper-20120224-1.{fc13,fc14,fc15,fc16,el5,el6}.noarch.rpm - Regripper is a Windows Registry data extraction and correlation tool. This version includes version 20120224 of the plugins from here. The plugins added are the following:
    • EMDMgt.pl (Brad Reninger) - this plugin parses the EMDMgt registry key located in the SOFTWARE Hive. This registry key identifies the volume serial number of USB devices.
    • ccleaner.pl (Adrian Leong) - this plugin gets CCleaner User's Settings from NTUSER.DAT.

  • md5deep-4.1-1.{fc13,fc14,fc15,fc16,el5,el6}.{i386,x86_64}.rpm - This package was updated to reflect the new version of md5deep. Here are the list of new features:
    • Added expert mode option to parse Windows PE files
    and bug fixes:
    • Fixed junction point handling on Win32