Linux Forensics Tools Repository: Package Summary for Packages on July 14, 2017:

  • fmem-kernel-modules-fc25-{i686,x86_64}-1.6-1.34.noarch.rpm - Support for the following kernels were added for Fmem:
    • 4.11.9-200 for FC25

  • lime-kernel-modules-fc25-{i686,x86_64}-1.1.r17-34.noarch.rpm - Support for the following kernels were added for LiME:
    • 4.11.9-200 for FC25

  • fmem-kernel-modules-fc25-{i686,x86_64}-1.6-1.33.noarch.rpm - Support for the following kernels were added for Fmem:
    • 4.11.8-200 for FC25

  • lime-kernel-modules-fc25-{i686,x86_64}-1.1.r17-33.noarch.rpm - Support for the following kernels were added for LiME:
    • 4.11.8-200 for FC25

  • fmem-kernel-modules-fc25-{i686,x86_64}-1.6-1.32.noarch.rpm - Support for the following kernels were added for Fmem:
    • 4.11.7-200 for FC25

  • lime-kernel-modules-fc25-{i686,x86_64}-1.1.r17-32.noarch.rpm - Support for the following kernels were added for LiME:
    • 4.11.7-200 for FC25

  • fmem-kernel-modules-fc24-{i686,x86_64}-1.6-1.44.noarch.rpm - Support for the following kernels were added for Fmem:
    • 4.11.8-100 for FC24

  • lime-kernel-modules-fc24-{i686,x86_64}-1.1.r17-44.noarch.rpm - Support for the following kernels were added for LiME:
    • 4.11.8-100 for FC24

  • fmem-kernel-modules-el7-{i686,x86_64}-1.6-1.34.noarch.rpm - Support for the following kernels were added for Fmem:
    • 3.10.0-514.26.2 for EL7

  • lime-kernel-modules-el7-{i686,x86_64}-1.1.r17-34.noarch.rpm - Support for the following kernels were added for LiME:
    • 3.10.0-514.26.2 for EL7

  • fmem-kernel-modules-el6-{i686,x86_64}-1.6-1.35.noarch.rpm - Support for the following kernels were added for Fmem:
    • 2.6.32-696.6.3 for EL6

  • lime-kernel-modules-el6-{i686,x86_64}-1.1.r17-35.noarch.rpm - Support for the following kernels were added for LiME:
    • 2.6.32-696.6.3 for EL6

  • libfsext{,-devel,-python,-python3,-tools}-20170624-1.{fc20,fc21,fc22,fc23,fc24,fc25,el7}.{i686,x86_64}.rpm and libfsext{,-devel,-python,-tools}-20170624-1.el6.{i686,x86_64}.rpm - Libfsext is a lbrary and tools to access the Extended File System (EXT). Note that this project currently only focuses on the analysis of the format.
  • libfshfs{,-devel,-python,-python3,-tools}-20170626-1.{fc20,fc21,fc22,fc23,fc24,fc25,el7}.{i686,x86_64}.rpm and libfshfs{,-devel,-python,-tools}-20170626-1.el6.{i686,x86_64}.rpm - Libfshfs is a lbrary and tools to access the Hierarchical File System (HFS). Note that this project currently only focuses on the analysis of the format.
  • libhibr{,-devel,-tools}-20170530-1.{fc20,fc21,fc22,fc23,fc24,fc25,el7}.{i686,x86_64}.rpm and libhibr{,-devel,-tools}-20170530-1.el6.{i686,x86_64}.rpm - libhibr is a lbrary and tools to access the Windows Hibernation File (hiberfil.sys) format. Note that this project currently only focuses on the analysis of the format.
  • libmdmp{,-devel,-tools}-20170522-1.{fc20,fc21,fc22,fc23,fc24,fc25,el7}.{i686,x86_64}.rpm and libmdmp{,-devel,-tools}-20170522-1.el6.{i686,x86_64}.rpm - Libmdmp is a library to access the Windows Minidump (MDMP) format. Note that this project currently only focuses on the analysis of the format.
  • libmodi{,-devel,-python,-python3,-tools}-20170527-1.{fc20,fc21,fc22,fc23,fc24,fc25,el7}.{i686,x86_64}.rpm and libmodi{,-devel,-python,-tools}-20170527-1.el6.{i686,x86_64}.rpm - Libmodi is a lbrary and tools to access the Mac OS disk image formats.
  • libnk2{,-devel,-python,-python3,-tools}-20170527-1.{fc20,fc21,fc22,fc23,fc24,fc25,el7}.{i686,x86_64}.rpm and libnk2{,-devel,-python,-tools}-20170527-1.el6.{i686,x86_64}.rpm - Libnk2 is a lbrary and tools to access Microsoft Outlook Nickfile (NK2) format files.
  • libodraw{,-devel,-tools}-20170217-1.{fc20,fc21,fc22,fc23,fc24,fc25,el7}.{i686,x86_64}.rpm and libodraw{,-devel,-tools}-20170217-1.el6.{i686,x86_64}.rpm - Libodraw is a library to access to optical disc (split) RAW image files (bin/cue, iso/cue).
  • libphdi{,-devel,-python,-python3,-tools}-20170529-1.{fc20,fc21,fc22,fc23,fc24,fc25,el7}.{i686,x86_64}.rpm and libphdi{,-devel,-python,-tools}-20170529-1.el6.{i686,x86_64}.rpm - Libphdi is a library to access the Parallels Hard Disk image format.
  • libexe{,-devel,-python,-python3,-tools}-20170123-1.{fc20,fc21,fc22,fc23,fc24,fc25,el7}.{i686,x86_64}.rpm and libexe{,-devel,-python,-tools}-20170123-1.el6.{i686,x86_64}.rpm - Libexe is a library and tools to access the executable (EXE) format.
  • libwtcdb{,-devel,-tools}-20170201-1.{fc20,fc21,fc22,fc23,fc24,fc25,el6,el7}.{i686,x86_64}.rpm libwtcdb{,-devel,-tools}-20170201-1.el6.{i686,x86_64}.rpm - Libwtcdb is a library and tools to access the Windows (Vista/7) Explorer thumbnail cache database format (thumbcache.db).
  • libfplist{,-devel}-20170112-1.{fc20,fc21,fc22,fc23,fc24,fc25,el6,el7}.{i686,x86_64}.rpm - Libfplist is a library for plist formats. Note: this is a library only - there are no tools provided by these packages.
  • libfwevt{,-devel}-20170114-1.{fc20,fc21,fc22,fc23,fc24,fc25,el6,el7}.{i686,x86_64}.rpm - Libfwevt is a library for Windows XML Event Log (EVTX) data types. Note: this is a library only - there are no tools provided by these packages.
  • libagdb{,-devel,-tools}-20170201-1.{fc20,fc21,fc22,fc23,fc24,fc25,el6,el7}.{i686,x86_64}.rpm - Libagdb is a library to access the SuperFetch database format.
  • libcreg{,-devel,-python,-python3,-tools}-20170119-1.{fc20,fc21,fc22,fc23,fc24,fc25,el7}.{i686,x86_64}.rpm and libcreg{,-devel,-python,-tools}-20170119-1.el6.{i686,x86_64}.rpm - Libcreg is a library and tools to access the Windows 9x/Me Registry File (CREG) format.
  • libvsmbr{,-devel,-tools}-20170525-1.{fc20,fc21,fc22,fc23,fc24,fc25,el6,el7}.{i686,x86_64}.rpm - Libvsmbr is a library and tools to access the Master Boot Record (MBR) volume system.
  • libwrc{,-devel,-python,-python3,-tools}-20160419-1.{fc20,fc21,fc22,fc23,fc24,fc25,el7}.{i686,x86_64}.rpm and libwrc{,-devel,-python,-tools}-20160419-1.el6.{i686,x86_64}.rpm - Libwrc is a library and tools to access the Windows Resource Compiler (WRC) format.
  • winevt-kb-20170527-1.{fc20,fc21,fc22,fc23,fc24,fc25,el7}.{i686,x86_64}.rpm - Winevt-kb is a project to build a Windows Event Log knowledge base. winevtrc is the Python module part of winevt-kb to allow reuse of Windows Event Log resources. See this resource for an explanation of the scripts included with this package - export.py, extract.py, query.py - and how to use them. Note that winevt-kb is not available for CentOS/RHEL 6 because of the old version of Python 2.
  • dtfabric-20170630-1.{fc20,fc21,fc22,fc23,fc24,fc25,el7}.{i686,x86_64}.rpm - Dtfabric is a project to manage data types and structures, as used in the libyal projects.
  • winreg-kb-20170525-1.{fc20,fc21,fc22,fc23,fc24,fc25,el7}.{i686,x86_64}.rpm - Winreg-kb-kb winreg-kb is a project to build a Windows Registry Knowledge Base. winregrc is a Python module part of winreg-kb to allow reuse of Windows Registry Resources. See these scripts that make use of package. Note that winreg-kb is not available for CentOS/RHEL 6 because of the old version of Python 2.
  • dfwinreg-20170706-1.{fc20,fc21,fc22,fc23,fc24}.{i686,x86_64}.rpm and dfwinreg-20170706-1.{el6,el7}.x86_64.rpm - DFWinreg, or Digital Forensics Windows Registry, provides read-only access to Windows Registry objects. The goal of dfWinReg is to provide a generic interface for accessing Windows Registry objects that resembles the Registry key hierarchy as seen on a live Windows system.
  • CERT-Forensics-Tools-1.0-74.{fc20,fc21,fc22,fc23,fc24,fc25,el6,el7}.{i686,x86_64}.rpm - This package was updated as follows:
    • libagdb-tools
    • libcreg-tools
    • libexe-tools
    • libfsext-tools
    • libfshfs-tools
    • libhibr-tools
    • libmdmp-tools
    • libmodi-tools
    • libnk2-tools
    • libodraw-tools
    • libphdi-tools
    • libvsmbr-tools
    • libwrc-tools
    • libwtcdb-tools
    • winevt-kb (not for CentOS/RHEL 6)
    • winreg-kb (not for CentOS/RHEL 6)

  • pfring-6.6.0-1334.{el6,el7}.x86_64.rpm - PF_Ring is a new type of network socket that dramatically improves the packet capture speed. This package contains header files and libraries, among other files, to support the PF_Ring network socket.
  • pfring-dkms-6.6.0-1334.{el6,el7}.x86_64.rpm - PF_Ring is a new type of network socket that dramatically improves the packet capture speed. This package conains the code and supporting files needed to create the PF_Ring kernel module.
  • yara-python-3.6.2-1.{fc24,fc25}.x86_64.rpm - Yara-python is a Python extension that gives access to Yara's powerful features from Python scripts. This version was rebuilt because of an update to yara in Fedora 24 and 25.