Linux Forensics Tools Repository: Package Summary for Packages on December 4, 2012:

  • jafat-1.1.6-1.{fc14,fc15,fc16,fc17,el5,el6}.{i386,x86_64}.rpm - JAFAT is an assortment of tools to assist in the forensc investigation of computer systems.
  • Volatility-2.2-1.{fc14,fc15,fc16,fc17,el5,el6}.{i386,x86_64}.rpm - The Volatility Framework is a completely open collection of tools, implemented in Python under the GNU General Public License, for the extraction of digital artifacts from volatile memory (RAM) samples. See https://code.google.com/p/volatility/source/list for a list of changes. This version also includes the plugins from the Malware Analyst's Cookbook to version R134. See here for the list of recent changes.
  • exfat-utils-0.9.8-1.1.{fc14,fc15,fc16,fc17,el5,el6}.{i386,x86_64}.rpm - The EXfat-utils are a set of utilities for creating, checking, dumping and labeling exFAT file systems.
  • epub-0.5.0-1.{fc14,fc15,fc16,fc17,el6}.{i386,x86_64}.rpm - Epub is the distribution and interchange format standard for digital publications and documents based on Web Standards. Epub defines a method for representing, packaging, and encoding structured and semantically enhanced web content - including XHTML, CSS, SVG, images, and other resources - for distribution in a single-file format. Epub allows publishers to produce and send a single digital publication file through distribution and offers interoperability between consumers software / hardware for unencrypted reflowable digital books and other publications. Epub is a helper application for recoll.
  • libiconv{,-devel,-static,-utils}-1.14-2.{fc14,fc15,fc16,fc17,el6}.{i686,x86_64}.rpm - Libiconv provides an iconv() implementation, for use on systems which don't have one, or whose implementation cannot convert from/to Unicode. Due to conflicts with other packages, notably glibc, the libiconv packages are installed in /usr/libiconf. Note that libiconv is not available for RHEL/CentOS 5. This release makes the library files also available at /usr/libiconf/lib for the x86_64 architecture which makes the package easier to use when building packages that use libiconv.
  • libpst{,-devel,-devel-doc,-doc,-libs,-python}-0.6.55-2.2.{fc14,fc15,fc16,fc17,el6}.{i686,x86_64}.rpm - The libpst utilities convert Outlook .pst files to other formats. The packages include the following:
    • libpst includes:
      • readpst which can convert email messages to both mbox and MH mailbox formats
      • pst2ldif which can convert the contacts to .ldif format for import into ldap databases, and
      • pst2dii which can convert email messages to the DII load file format used by Summation.
    • libpst-libs package contains the shared library used by the pst utilities.
    • libpst-python package contains libpst shared objects from python code.
    • libpst-devel package contains the library links and header files needed to develop applications using the libpst shared library.
    • libpst-devel-doc package contains the doxygen generated documentation for the libpst.so shared library.
    • libpst-doc package contains the html documentation for the pst utilities.
    Note that libpst is not available for RHEL/CentOS 5. This version has been rebuilt to use the libiconv library.
  • pstotext-1.9-2.1.{fc14,fc15,fc16,fc17,el6}.{i386,x86_64}.rpm - PStotext is a utility that reads in postscript files and outputs an ASCII rendering. While the rendering is not always accurate, it is often sufficient. PStotext is a helper application for recoll
  • recoll-1.18.1-1.1.{fc14,fc15,fc16,fc17,el6}.{i686,x86_64}.rpm - Recoll is a text search tool for Unix and Linux desktops. Recoll finds keywords inside documents as well as file names. See here for a list of changes in this version. In addition, tar archives have been enabled and the epub, pstotext, and aspell packages have been added as required packages.
  • fmem-kernel-objects-1.6-1.10.{fc14,fc15,fc16,fc17,el5,el6}.{i686,x86_64}.rpm - Fmem is kernel module that creates device /dev/fmem, similar to /dev/mem but without limitations. The changes are the following:
    • Support for 3.6.8-2 for FC17
    • Support for 3.6.7-4 for FC16