Linux Forensics Tools Repository: Package Summary for Packages on November 20, 2015:

  • distorm3-3.1-1.{fc17,fc18,fc19,fc20,fc21,el5,el6,el7}.{i386,x86_64}.rpm - Distorm3 is a lightweight, easy-to-use and fast decomposer library. It disassembles instructions in 16, 32 and 64 bit modes. Supported instruction sets: FPU, MMX, SSE, SSE2, SSE3, SSSE3, SSE4, 3DNow! (w/ extensions), new x86-64 instruction sets, VMX, AMD's SVM and AVX. Distorm3 is used by The Volatility Framework. The changes are listed here. This version is build from distorm3 version 3.1 which is needed to address the issue noted here.
  • Volatility-2.5-3.{fc17,fc18,fc19,fc20,fc21,fc22,fc23,el5,el6,el7}.{i386,x86_64}.rpm - The Volatility Framework is a completely open collection of tools, implemented in Python under the GNU General Public License, for the extraction of digital artifacts from volatile memory (RAM) samples. This version of Volatility is the official version of Volatility 2.5. It also contains the mimikatz plugin. This release was also built with Distorm3 version 3.1 as noted above.
  • Volatility-community-plugins-20151112-1.{fc17,fc18,fc19,fc20,fc21,fc22,fc23,el5,el6,el7}.noarch.rpm - The Volatility Community Plugins is a collection of Volatility plugins written and maintained by authors in the forensics community. Many of these are the result of the last 3 years of Volatility plugin contests, but some were just written for fun. Either way, it's an entire arsenal of plugins that you can easily extend into your existing Volatility installation. These plugins are installed in /usr/share/volatility/plugins/community/.
  • CERT-Forensics-Tools-1.0-66.{fc17,fc18,fc19,fc20,fc21,fc22,fc23,el5,el6,el7}.{i686,x86_64}.rpm - This package was updated to add the following packages:
    • Added Volatility-community-plugins.

  • fmem-kernel-modules-fc23-{i686,x86_64}-1.6-1.2.noarch.rpm - Support for the following kernels were added for Fmem:
    • 4.2.6-300 for FC23

  • lime-kernel-modules-fc23-{i686,x86_64}-1.1.r17-2.noarch.rpm - Support for the following kernels were added for LiME:
    • 4.2.6-300 for FC23

  • fmem-kernel-modules-fc22-{i686,x86_64}-1.6-1.18.noarch.rpm - Support for the following kernels were added for Fmem:
    • 4.2.6-200 for FC22

  • lime-kernel-modules-fc22-{i686,x86_64}-1.1.r17-18.noarch.rpm - Support for the following kernels were added for LiME:
    • 4.2.6-200 for FC22