libcaes{,-devel,-python3,-static}-20231120-1.{fc36,fc37,fc38,fc39,el8,amzn2}.x86_64.rpm, libcaes{,-devel,-python36,-static}-20231120-1.el7.x86_64.rpm, and libcaes{,-devel,-python3,-static}-20231120-1.el9.{x86_64,aarch64}.rpm -
libcaes is a library to support cross-platform AES encryption.
libvmdk{,-devel,-python3,-tools}-20231123-1.{fc36,fc37,fc38,fc39,el8,amzn2}.x86_64.rpm, libvmdk{,-devel,-python36,-tools}-20231123-1.el7.x86_64.rpm, and libvmdk{,-devel,-python3,-tools}-20231123-1.el9.{x86_64,aarch64}.rpm -
Libvmdk is a library and tools used to access the VMware Virtual Disk (VMDK) image format.
libvsapm{,-devel,-python3,-static,-tools}-20231123-1.{fc36,fc37,fc38,fc39,el8,amzn2,el8}.x86_64.rpm, libvsapm{,-devel,-python36,-static,-tools}-20231123-1.el7.x86_64.rpm, and libvsapm{,-devel,-python3,-static,-tools}-20231123-1.el9.{x86_64,aarch64}.rpm -
libvsapm is a library to access the Apple Partition Map (APM) volume system format.
libmodi{,-devel,-python3,-tools}-20231123-1.{fc36,fc37,fc38,fc39,el8,amzn2}.x86_64.rpm, libmodi{,-devel,-python36,-tools}-20231123-1.el7.x86_64.rpm , and libmodi{,-devel,-python3,-tools}-20231123-1.el9.{x86_64,aarch64}.rpm -
Libmodi is a library and tools to access the Mac OS disk image formats.
libfwnt{,-devel,-python3}-20231124-1.{fc36,fc37,fc38,fc39,el8,amzn2}.x86_64.rpm, libfwnt{,-devel,-python36}-20231124-1.el7.x86_64.rpm, and libfwnt{,-devel,-python3}-20231124-1.el9.{x86_64,aarch64}.rpm =
LibFWNT is a library for Windows NT data types.
libcreg{,-devel,-python3,-tools}-20231123-1.{fc36,fc37,fc38,fc39,el8,amzn2}.x86_64.rpm, libcreg{,-devel,-python36,-tools}-20231123-1.el7.x86_64.rpm, and libcreg{,-devel,-python3,-tools}-20231123-1.el9.{x86_64,aarch64}.rpm -
Libcreg is a library and tools to access the Windows 9x/Me Registry File (CREG) format.
libfsxfs{,-devel,-python3,-static,-tools}-20231124-1.{fc36,fc37,fc38,fc39,el8,amzn2}.x86_64.rpm, libfsxfs{,-devel,-python36,-static,-tools}-20231124-1.el7.x86_64.rpm, and libfsxfs{,-devel,-python3,-static,-tools}-20231124-1.el9.{aarch64,x86_64}.rpm -
Libfsxfs contains library and tools to access the SGI X File System (XFS).
libfshfs{,-devel,-python3,-tools}-20231125-1.{fc36,fc37,fc38,fc39,el8,amzn2}.x86_64.rpm, libfshfs{,-devel,-python36,-tools}-20231125-1.el7.x86_64.rpm, and libfshfs{,-devel,-python3,-tools}-20231125-1.el9.{aarch64,x86_64}.rpm -
Libfshfs is a library and tools to access the Hierarchical File System (HFS).
libfsntfs{,-devel,-python3,-tools}-20231125-1.{fc36,fc37,fc38,fc39,el8,amzn2}.x86_64.rpm, libfsntfs{,-devel,-python36,-tools}-20231125-1.el7.x86_64.rpm, and libfsntfs{,-devel,-python3,-tools}-20231125-1.el9.{x86_64,aarch64}.rpm -
Libfsntfs contains library and tools to access the New Technology File System (NTFS).
libqcow{,-devel,-python3,-tools}-20231125-1.{fc36,fc37,fc38,fc39,el8,amzn2}.x86_64.rpm, libqcow{,-devel,-python36,-tools}-20231125-1.el7.x86_64.rpm, and libqcow{,-devel,-python3,-tools}-20231125-1.el9.{x86_64,aarch64}.rpm -
Libqcow is a library and tools used to access the QEMU Copy-On-Write (QCOW) image format.
libvhdi{,-devel,-python3,-tools}-20231127-1.{fc36,fc37,fc38,fc39,el8,amzn2}.x86_64.rpm, libvhdi{,-devel,-python36,-tools}-20231127-1.el7.x86_64.rpm, and libvhdi{,-devel,-python3,-tools}-20231127-1.el9.{x86_64,aarch64}.rpm -
Libvhdi is a library and tools to access the Virtual Hard Disk (VHD) image format.
libsmraw{,-devel,-python3,-tools}-20231127-1.{fc36,fc37,fc38,fc39,el8,amzn2}.x86_64.rpm, libsmraw{,-devel,-python36,-tools}-20231127-1.el7.x86_64.rpm, and libsmraw{,-devel,-python3,-tools}-20231127-1.el9.{x86_64,aarch64}.rpm -
Libsmraw is a library and tools used to read and write (split) RAW storage media bitstream copies.
libhmac{,-devel,-python3,-static,-tools}-20231127-1.{fc36,fc37,fc38,fc39,el8,amzn2}.x86_64.rpm, libhmac{,-devel,-python36,-static,-tools}-20231127-1.el7.x86_64.rpm and libhmac{,-devel,-python3,-static,-tools}-20231127-1.el9.{x86_64,aarch64}.rpm -
Libhmac is a library to support various Hash-based Message Authentication Codes (HMAC).
opensearch-py-2.4.2-1.{fc36,fc37,fc38,fc39,el7,el8,el9,amzn2}.noarch.rpm -
OpenSearch-PY is a Python client for OpenSearch.
libfwps{,-devel,-python3}-20231126-1.{fc36,fc37,fc38,fc39,el8,amzn2}.x86_64.rpm, libfwps{,-devel,-python36}-20231126-1.el7.x86_64.rpm, and libfwps{,-devel,-python3}-20231126-1.el9.{x86_64,aarch64}.rpm -
LibFWPS is a library for Windows Property Store data types.
libfvde{,-devel,-python3,-tools}-20231128-1.{fc36,fc37,fc38,fc39,el8,amzn2}.x86_64.rpm, libfvde{,-devel,-python3,-tools}-20231128-1.el9.{aarch64,x86_64}.rpm, and libfvde{,-devel,-python36,-tools}-20231128-1.el7.x86_64.rpm -
Libfvde is a library and tools to access FileVault Drive Encryption (FVDE) (or FileVault2) encrypted volumes.
The FVDE format is used by Mac OS X, as of Lion, to encrypt data on a storage media volume.
libvshadow{,-devel,-python3,-tools}-20231128-1.{fc36,fc37,fc38,fc39,el8,amzn2}.x86_64.rpm, libvshadow{,-devel,-python36,-tools}-20231128-1.el7.x86_64.rpm, and libvshadow{,-devel,-python3,-tools}-20231128-1.el9.{x86_64,aarch64}.rpm -
Libvshadow is a library and tools used to support the Volume Service Snapshot (VSS) format.
libphdi{,-devel,-python3,-tools}-20231129-1.{fc36,fc37,fc38,fc39,el8,amzn2}.x86_64.rpm , libphdi{,-devel,-python36,-tools}-20231129-1.el7.x86_64.rpm, and libphdi{,-devel,-python3,-tools}-20231129-1.el9.{x86_64,aarch64}.rpm -
Libphdi is a library to access the Parallels Hard Disk image format.
libluksde{,-devel,-python3,-tools}-20231128-1.{fc36,fc37,fc38,fc39,el8,amzn2}.x86_64.rpm, libluksde{,-devel,-python36,-tools}-20231128-1.el7.x86_64.rpm, and libluksde{,-devel,-python3,-tools}-20231128-1.el9.{x86_64,aarch64}.rpm -
Libluksde is a library and tools used to access LUKS Disk Encryption encrypted volumes.
libsmdev{,-devel,-python3,-tools}-20231128-1.{fc36,fc37,fc38,fc39,el8,amzn2}.x86_64.rpm, libsmdev{,-devel,-python36,-tools}-20231128-1.el7.x86_64.rpm, and libsmdev{,-devel,-python3,-tools}-20231128-1.el9.{x86_64,aarch64}.rpm -
Libsmdev is a library and tools used to access storage media devices.
silk-{analysis,common,devel,flowcap,rwflowappend,rwflowpack,rwpollexec,rwreceiver,rwsender}-3.22.1-1.{fc36,fc37,fc38,fc39,el7,el8,amzn2}.x86_64.rpm and silk-{analysis,common,devel,flowcap,rwflowappend,rwflowpack,rwpollexec,rwreceiver,rwsender}-3.22.1-1.el9.{x86_64,aarch64}.rpm -
SiLK is the System for Internet-Level Knowledge, a collection of
traffic analysis tools developed by the CERT Network Situational Awareness Team (CERT NetSA) to facilitate security analysis of large networks.
See here for a list of changes in this version.
silk-{analysis,common,devel,flowcap,rwflowappend,rwflowpack,rwpollexec,rwreceiver,rwsender}-3.22.1-2.{fc36,fc37,fc38,fc39,el7,el8,amzn2}.x86_64.rpm and silk-{analysis,common,devel,flowcap,rwflowappend,rwflowpack,rwpollexec,rwreceiver,rwsender}-3.22.1-2.el9.{x86_64,aarch64}.rpm -
This release of the SiLK tools can be found in an optional repository that is now part of
cert-forensics-tools-release named forensics-sip, the definition of which can be found in /etc/yum.repos.d/cert-forensics-tools.repo.
This repository is diabled by default and can be enabled by running the script named /usr/bin/EnableSilkWithIPA as root.
silk-{analysis,common,devel,flowcap,rwflowappend,rwflowpack,rwpollexec,rwreceiver,rwsender}-3.22.1-101.{fc36,fc37,fc38,fc39,el7,el8,amzn2}.x86_64.rpm and silk-{analysis,common,devel,flowcap,rwflowappend,rwflowpack,rwpollexec,rwreceiver,rwsender}-3.22.1-101.el9.{x86_64,aarch64}.rpm -
SiLK is the System for Internet-Level Knowledge, a collection of
traffic analysis tools developed by the CERT Network Situational Awareness Team (CERT NetSA) to facilitate security analysis of large networks.
These packages are installed in the forensics-test repository.
These packages were rebuilt to use libfixbuf 3.0.0.alpha2.
Please address any comments on these packages to netsa-help@cert.org.
pfring-8.7.0-8691.x86_64.rpm -
PF_Ring is a new type of network socket that dramatically improves the packet capture speed.
This package contains header files and libraries, among other files, to support the PF_Ring network socket.
Here is the announcement of PF_Ring 7.8.
pfring-dkms-8.7.0.8691-dkms.noarch.rpm -
PF_Ring is a new type of network socket that dramatically improves the packet capture speed.
This package conains the code and supporting files needed to create the PF_Ring kernel module.
ndpi-4.9.0-4482.x86_64.rpm -
ndpi is an open source LGPLv3 library for deep-packet inspection.
lime-kernel-modules-fc39-x86_64-1.9.1-3.noarch.rpm -
Support for the following kernels were added for LiME:
6.6.2-201 for FC39
fmem-kernel-modules-fc39-x86_64-1.6-1.3.noarch.rpm -
Support for the following kernels were added for Fmem:
6.6.2-201 for FC39
lime-kernel-modules-fc38-x86_64-1.9.1-21.noarch.rpm -
Support for the following kernels were added for LiME:
6.6.2-101 for FC39
6.5.12-200 for FC38
fmem-kernel-modules-fc38-x86_64-1.6-1.21.noarch.rpm -
Support for the following kernels were added for Fmem:
6.6.2-101 for FC39
6.5.12-200 for FC38
lime-kernel-modules-fc37-x86_64-1.9.1-21.noarch.rpm -
Support for the following kernels were added for LiME:
6.5.12-100 for FC37
fmem-kernel-modules-fc37-x86_64-1.6-1.21.noarch.rpm -
Support for the following kernels were added for Fmem:
6.5.12-100 for FC37
lime-kernel-modules-el9-{x86_64,aarch64}-1.9.1-36.noarch.rpm -
Support for the following kernels were added for LiME for both the x86_64 and aarch64 architectures:
5.14.0-388 for EL9
fmem-kernel-modules-el9-{x86_64,aarch64}-1.6-1.36.noarch.rpm -
Support for the following kernels were added for Fmem for both the x86_64 and aarch64 architectures: