libfsntfs{,-devel,-python3}-20200627-1.{fc27,fc28,fc29,fc30}.{i686,x86_64}.rpm, libfsntfs{,-devel,-python2}-20200627-1.el6.{i686,x86_64}.rpm, libfsntfs{,-devel,-python36}-20200627-1.el7.x86_64.rpm, and libfsntfs{,-devel,-python3}-20200627-1.{fc31,fc32,el8}.x86_64.rpm -
Libfsntfs contains library and tools to access the New Technology File System (NTFS).
python3-idna-2.10-1.{fc27,fc28,el8}.noarch.rpm and python36-idna-2.10-1.el7.noarch.rpm -
IDNA provides support for the Internationalised Domain Names in Applications (IDNA) protocol as specified in RFC 5891.
This is the latest version of the protocol and is sometimes referred to as "IDNA 2008".
python3-dfdatetime-20200613-1.{fc27,fc28,fc29,fc30,fc31,fc32,el8}.noarch.rpm and python36-dfdatetime-20200613-1.el7.noarch.rpm -
dfDateTime, or Digital Forensics date and time, provides date and time objects to preserve accuracy and precision.
python3-dtfabric-20200621-2.{fc27,fc28,fc29,fc30}.{i686,x86_64}.rpm, python36-dtfabric-20200621-2.el7.x86_64.rpm, and python3-dtfabric-20200621-2.{fc31,fc32,el8}.x86_64.rpm -
Dtfabric is a project to manage data types and structures,
as used in the libyal projects.
python2-yara-4.0.2-1.fc30.{i386,x86_64}.rpm and python2-yara-4.0.2-1.x86_64.{fc31,fc32,el8}.rpm -
Python-yara is a Python extension that gives access to Yara's powerful features from Python scripts.
python2-coverage-4.5.1-4.fc32.x86_64.rpm -
Python Coverage measures code coverage, typically during test execution.
It uses the code analysis tools and tracing hooks provided in the Python standard library to determine which lines are executable, and which have been executed.
This package was installed to support building python2-yara for Fedora 32.
python2-nose-1.3.7-24.fc32.noarch.rpm -
Python Nose extends the test loading and running features of unittest, making it easier to write, find and run tests.
This package was installed to support building python2-yara for Fedora 32.
docker-forensics-toolkit-0.2.0-1.{fc27,fc28,fc29,fc30}.{i686,x86_64}.rpm and docker-forensics-toolkit-0.2.0-1.{fc31,fc32,el7,el8}.x86_64.rpm -
Docker Forensics Toolkit is a toolkit for performing post-mortem analysis of Docker runtime environments based on forensic HDD copies of the docker host system.
See this page for usage instructions.
python3-dfvfs-20200625-1.{fc27,fc28,fc29,fc30,fc31,fc32,el8}.noarch.rpm and python36-dfvfs-20200625-1.el7.noarch.rpm -
dfVFS, the Digital Forensics Virtual File System, provides read-only access to file-system objects from various storage media types and file formats.
python3-redis-3.5-1.{fc27,fc28,fc29,fc30,fc31,fc32,el8}.noarch.rpm and python36-redis-3.5-1.el7.noarch.rpm -
Redis is a Python interface to the Redis key-value store.
plaso-20200630-1.{fc27,fc28,fc29,fc30}.{i686,x86_64}.rpm and plaso-20200630-1.{fc31,fc32,el7,el8}.x86_64.rpm -
Plaso is the Python-based back-end engine used by tools such as log2timeline for automatic creation of a super timelines.
The goal of log2timeline.py (and thus plaso) is to provide a single tool that can parse various log files and forensic artifacts from computers
and related systems, such as network equipment to produce a single correlated timeline.
This timeline can then be easily analysed by forensic investigators/analysts, speeding up investigations by correlating the vast amount of information found on an average computer system.
Details of this update are available here.
pfring-7.6.0-3059.{el6,el7,el8}.x86_64.rpm -
PF_Ring is a new type of network socket that dramatically improves the packet capture speed.
This package contains header files and libraries, among other files, to support the PF_Ring network socket.
Here is the announcement of PF_Ring 7.6.
pfring-dkms-7.6.0-3059.{el6,el7,el8}.x86_64.rpm -
PF_Ring is a new type of network socket that dramatically improves the packet capture speed.
This package conains the code and supporting files needed to create the PF_Ring kernel module.
ndpi-3.2.0-2599.{el6,el7,el8}.x86_64.rpm -
ndpi is an open source LGPLv3 library for deep-packet inspection.
fmem-kernel-modules-fc32-x86_64-1.6-1.9.noarch.rpm -
Support for the following kernels were added for Fmem:
5.7.6-201 for FC32
lime-kernel-modules-fc32-x86_64-1.1.r17-9.noarch.rpm -
Support for the following kernels were added for LiME: