Software Engineering Institute

LiFTeR: Changes for CERT-Forensics-Tools

July 20, 2022: CERT-Forensics-Tools-1.0-102.{fc34,fc35,fc36,el7,el8,el9,amzn2}.x86_64.rpm - The following changes were made:
- ssldump removed for CentOS/RHEL 8 and CentOS-8 Stream
- cutter-re removed for CentOS/RHEL 8 and CentOS-8 Stream
May 25, 2022: CERT-Forensics-Tools-1.0-101.{fc33,fc34,fc35,fc36,el7,el8,el9,amzn2}.x86_64.rpm - The following packages were added:
- python3-oletools
- python-oletools-doc
- mmc-utils
April 13, 2022: CERT-Forensics-Tools-1.0-100.{fc33,fc34,fc35,el7,el8,el9,amzn2}.x86_64.rpm - The following packages were added:
- crunch
- docker-forensics-toolkit
- KStrike
- libfplist
- libfwevt
- libfwps
- mtftar
- pstotext
- python3-pyfixbuf (python36-pyfixbuf for CentOS/RHEL 7)
- VeraCrypt
- videosnarf
- wdpassport-utils
- zeek
March 16, 2022: CERT-Forensics-Tools-1.0-99.{fc33,fc34,fc35,el7,el8,amzn2}.x86_64.rpm - The package snort-sample-rules is no longer automatically installed.
December 10, 2021: CERT-Forensics-Tools-1.0-98.{fc33,fc34,fc35,el7,el8}.x86_64.rpm - This release removes exfat-utils and replaces it with exfatprogs.
November 10, 2021: CERT-Forensics-Tools-1.0-97.{fc32,fc33,fc34,fc35,el7,el8}.x86_64.rpm - This release removes the following tools from Fedora 35 only. All other releases are unchanged
- binplist
- shellbags
- vinetto
- Volatility-community-plugins
In addition, the Volatility application has been replaced by a Docker container based on Alpine Linux 3.10. The volatility, vol, and vol.py programs have been replaced by a script that manages this container. Please address any unexpected behavior or requests for improvements and enhancements to
October 6, 2021: CERT-Forensics-Tools-1.0-96.{fc32,fc33,fc34,el7,el8}.x86_64.rpm - This relese does the following:
- Added bulk-reviewer for all except CentOS/RHEL 7.
- Added EVTXtract.
July 14, 2021: CERT-Forensics-Tools-1.0-95.{fc32,fc33,fc34,el7,el8}.x86_64.rpm - This relese does the following:
- Added Hindsight.
June 2, 2021: CERT-Forensics-Tools-1.0-94.{fc31,fc32,fc33,fc34,el7,el8}.x86_64.rpm - This relese does the following:
- Added Maryam for all except CentOS/RHEL 7.
December 4, 2020: CERT-Forensics-Tools-1.0-93.el6.{i686,x86_64}.rpm and CERT-Forensics-Tools-1.0-93.{fc31,fc32,fc33,el7,el8}.x86_64.rpm - This relese does the following:
- Added AVML for Fedora 31 and beyond and CentOS/RHEL 7 and beyond.
November 6, 2020: CERT-Forensics-Tools-1.0-92.{fc27,fc28,fc29,fc30,el6}.{i686,x86_64}.rpm and CERT-Forensics-Tools-1.0-92.{fc31,fc32,fc33,el7,el8}.x86_64.rpm - This relese does the following:
- Added Volatility3 and the Volatility 3 symbol table packages for Fedora 31 and beyond and CentOS/RHEL 7 and beyond.
September 24, 2020: CERT-Forensics-Tools-1.0-91.{fc27,fc28,fc29,fc30,el6}.{i686,x86_64}.rpm and CERT-Forensics-Tools-1.0-91.{fc31,fc32,el7,el8}.x86_64.rpm - This relese does the following:
- Added mac_apt for Fedora and CentOS/RHEL 7 and 8.
May 8, 2020: CERT-Forensics-Tools-1.0-90.{fc26,fc27,fc28,fc29,fc30,el6}.{i686,x86_64}.rpm and CERT-Forensics-Tools-1.0-90.{fc31,el7,el8}.x86_64.rpm - This relese does the following:
- Added hachoir for Fedora and CentOS/RHEL 7 and 8.
April 10, 2020: CERT-Forensics-Tools-1.0-89.{fc26,fc27,fc28,fc29,fc30,el6}.{i686,x86_64}.rpm and CERT-Forensics-Tools-1.0-89.{fc31,el7,el8}.x86_64.rpm - This relese does the following:
- Added bulk_extractor
March 21, 2020: CERT-Forensics-Tools-1.0-88.{fc26,fc27,fc28,fc29,fc30,el6}.{i686,x86_64}.rpm and CERT-Forensics-Tools-1.0-88.{fc31,el7,el8}.x86_64.rpm - This relese does the following:
- Obsoletes cutter.
- Added cutter-re.
February 14, 2020: CERT-Forensics-Tools-1.0-87.{fc26,fc27,fc28,fc29,fc30,el6}.{i686,x86_64}.rpm and CERT-Forensics-Tools-1.0-87.{fc31,el7,el8}.x86_64.rpm - The registerydecoder package was removed due to its dependence on Python 2.
August 30, 2019: CERT-Forensics-Tools-1.0-86.{fc25,fc26,fc27,fc28,fc29,fc30,el6}.{i686,x86_64}.rpm and CERT-Forensics-Tools-1.0-86.el7.x86_64.rpm - Removed the dependency of the kernel-PAE-modules-extra package for Fedora 28 and beyond.
June 14, 2019: CERT-Forensics-Tools-1.0-85.{fc25,fc26,fc27,fc28,fc29,fc30,el6}.{i686,x86_64}.rpm and CERT-Forensics-Tools-1.0-85.el7.x86_64.rpm - The changes since the last release (1.0-84) are the following:
- Added: qtmltfs
- Added: VMFS6-tools
- Added: Rekall Forensics (not on CentOS/RHEL 6)
- Added: xva-img
May 10, 2019: CERT-Forensics-Tools-1.0-84.{fc24,fc25,fc26,fc27,fc28,fc29,fc30,el6}.{i686,x86_64}.rpm and CERT-Forensics-Tools-1.0-84.el7.x86_64.rpm - The changes since the last release (1.0-83) are the following:
- The dff package is not installed on Fedora 30.
- The kracked package is not installed on Fedora 30.
March 29, 2019: CERT-Forensics-Tools-1.0-83.{fc24,fc25,fc26,fc27,fc28,fc29,el6}.{i686,x86_64}.rpm and CERT-Forensics-Tools-1.0-83.el7.x86_64.rpm - The changes since the last release (1.0-82) are the following:
- The dcp package is installed except for CentOS/RHEL 6.
- The femto package is installed.
- The ghidra package is installed except for CentOS/RHEL 6.
November 16, 2018: CERT-Forensics-Tools-1.0-82.{fc23,fc24,fc25,fc26,fc27,fc28,fc29,el6}.{i686,x86_64}.rpm and CERT-Forensics-Tools-1.0-82.el7.x86_64.rpm - The changes since the last release (1.0-81) are the following:
- The libapfs-tools package is installed.
November 9, 2018: CERT-Forensics-Tools-1.0-81.{fc23,fc24,fc25,fc26,fc27,fc28,fc29,el6}.{i686,x86_64}.rpm and CERT-Forensics-Tools-1.0-81.el7.x86_64.rpm - The changes since the last release (1.0-78) are the following:
- Umit replaces nmap-frontend for Fedora systems.
- wireshark-gnome is not installed on Fedora 29-based systems because this package is not provided by RedHat.
- Cutter replaces bokken for Fedora 26 through 29 systems and for CentOS/RHEL 7 systems. In addition, python-radare2 has also been obsoleted on Fedora 26 through 29 systems and for CentOS/RHEL 7 systems since it is no longer needed and incompatible with the latest version of radare2 on Fedora systems.
- The PacketExaminer package is installed.
October 11, 2018: CERT-Forensics-Tools-1.0-78.{fc23,fc24,fc25,fc26,fc27,fc28,el6}.{i686,x86_64}.rpm and CERT-Forensics-Tools-1.0-78.el7.x86_64.rpm - This package was updated to add the cutter package for Fedora 26 through 28 for the x86_64 architecture and CentOS/RHEL 7 for the x86_64 architecture.
April 27, 2018: CERT-Forensics-Tools-1.0-76.{fc22,fc23,fc24,fc25,fc26,fc27,el6}.{i686,x86_64}.rpm and CERT-Forensics-Tools-1.0-76.el7.x86_64.rpm - This package was updated to add the apfs-fuse package to the systems where it is supported. This releasae also installs aimage, libluksde, and libluksde-tools for CentOS/RHEL 7, and aimage for CentOS/RHEL 6.
July 21, 2017: CERT-Forensics-Tools-1.0-75.fc26.{i686,x86_64}.rpm - This package was updated not install tools that are only OpenSSL 1.0 compliant, namely aimage, bloom, bulk_extractor, bulk_extractor-stoplist, and frag_find.
July 14, 2017: CERT-Forensics-Tools-1.0-74.{fc20,fc21,fc22,fc23,fc24,fc25,el6}.{i686,x86_64}.rpm and CERT-Forensics-Tools-1.0-74.el7.x86_64.rpm - This package was updated as follows:
- libagdb-tools
- libcreg-tools
- libexe-tools
- libfsext-tools
- libfshfs-tools
- libhibr-tools
- libmdmp-tools
- libmodi-tools
- libnk2-tools
- libodraw-tools
- libphdi-tools
- libvsmbr-tools
- libwrc-tools
- libwtcdb-tools
- winevt-kb (not for CentOS/RHEL 6)
- winreg-kb (not for CentOS/RHEL 6)
May 26, 2017: CERT-Forensics-Tools-1.0-73.{fc20,fc21,fc22,fc23,fc24,fc25,el6}.{i686,x86_64}.rpm and CERT-Forensics-Tools-1.0-73.el7.x86_64.rpm - This package was updated as follows:
- The dislocker suite was added for all supported systems.
May 19, 2017: CERT-Forensics-Tools-1.0-72.{fc20,fc21,fc22,fc23,fc24,fc25,el6}.{i686,x86_64}.rpm and CERT-Forensics-Tools-1.0-72.el7.x86_64.rpm - This package was updated as follows:
- The package aeskeyfind was added for all supported systems.
April 28, 2017: CERT-Forensics-Tools-1.0-71.{fc20,fc21,fc22,fc23,fc24,fc25,el6}.{i686,x86_64}.rpm and CERT-Forensics-Tools-1.0-71.el7.x86_64.rpm - This package was updated as follows:
- The package libvslvm-tools was added for all supported systems.
March 10, 2017: CERT-Forensics-Tools-1.0-70.{fc20,fc21,fc22,fc23,fc24,fc25,el6}.{i686,x86_64}.rpm and CERT-Forensics-Tools-1.0-70.el7.x86_64.rpm - This package was updated as follows:
- The package xplico is now installed for Fedora 25.
- The package snarf is now installed for Fedora 25, 24, 23, 22, and 20, and CentOS/RHEL 6 and 7. Snarf is not available for Fedora 21.
December 8, 2016: CERT-Forensics-Tools-1.0-69.fc25.{i686,x86_64}.rpm - This package was updated as follows:
- The package Xplico was temporarily removed for Fedora 25. It will be re-added when it supports PHP 7.
May 16, 2016: CERT-Forensics-Tools-1.0-68.{fc17,fc18,fc19,fc20,fc21,fc22,fc23,el5,el6}.{i686,x86_64}.rpm and CERT-Forensics-Tools-1.0-68.el7.x86_64.rpm - This package was updated as follows:
- The package fuse-exfat was incorrectly obsoleted by CERT-Forensics-Tools. This incorrect obsoleting directive was removed since it was already in exfat-utils, where it belongs.
December 4, 2015: CERT-Forensics-Tools-1.0-67.{fc17,fc18,fc19,fc20,fc21,fc22,fc23,el5,el6}.{i686,x86_64}.rpm and CERT-Forensics-Tools-1.0-67.el7.x86_64.rpm - This package was updated as follows:
- For CentOS/RHEL 7, the hexedit replaced the ghex program.
November 20, 2015: CERT-Forensics-Tools-1.0-66.{fc17,fc18,fc19,fc20,fc21,fc22,fc23,el5,el6}.{i686,x86_64}.rpm and CERT-Forensics-Tools-1.0-66.el7.x86_64.rpm - This package was updated to add the following packages:
- Added The Volatility Community Plugins
September 4, 2015: CERT-Forensics-Tools-1.0-65.{fc17,fc18,fc19,fc20,fc21,fc22,el5,el6}.{i686,x86_64}.rpm and CERT-Forensics-Tools-1.0-65.el7.x86_64.rpm - This package was updated to add the following packages:
- Obsoleted fuse-exfat for Fedora 17-22 and CentOS 6 and 7.
July 10, 2015: CERT-Forensics-Tools-1.0-64.{fc17,fc18,fc19,fc20,fc21,fc22,el5,el6}.{i686,x86_64}.rpm and CERT-Forensics-Tools-1.0-64.el7.x86_64.rpm - This package was updated to add the following packages:
- Obsoleted snarf for CentOS/RHEL 7
December 15, 2014: CERT-Forensics-Tools-1.0-61.{fc17,fc18,fc19,fc20,fc21,el5,el6}.{i686,x86_64}.rpm and CERT-Forensics-Tools-1.0-61.el7.x86_64.rpm - This package was updated to add the following packages:
- Removed snarf for Fedora 21
- Added ddrescueview for all supported OSes and architectures.
August 29, 2014: CERT-Forensics-Tools-1.0-60.{fc17,fc18,fc19,fc20,el5,el6}.{i686,x86_64}.rpm and CERT-Forensics-Tools-1.0-60.el7.x86_64.rpm - This package was updated to add the following packages: libesedb-tools , libqcow-tools , libsmdev-tools , libsmraw-tools , libvmdk-tools , and bokken.
April 7, 2014: CERT-Forensics-Tools-1.0-58.{fc17,fc18,fc19,fc20,el5,el6}.{i686,x86_64}.rpm - This package was updated to add the following:
- plaso - A timeline tool (Fedora 17 and beyond, and CentOS/RHEL 6.5 for x86_64 only)
- libregf-tools - Tools to access Windows NT Registry files
- libmsiecf-tools - Tools to access Microsoft Internet Explorer (MSIE) Cache File (index.dat) files
- libevt-tools - Tools to access Windows Event Log (EVT) format files
- liblnk-tools - Tools to access Windows NT Registry files
- libolecf-tools - Tools to access OLE 2 Compound File (OLECF) format files
- ddrutility (not CentOS/RHEL 5) - Utility for use with gnuddrescue to aid with data recovery
- fcrackzip - Zip Password Cracker
- undbx (not CentOS/RHEL 5) - Tool to extract, recover and undelete e-mail messages from Outlook Express .dbx files
- silk-ipa (Fedora 17 and beyond, and CentOS/RHEL 6.5 for x86_64 only) - Script to enable the IPA-based version of the SiLK tools
Note: On CentOS/RHEL, installing the CERT-Forensics-Tools meta package or plaso requires postgresql. For Fedora, postgresql is provided in the the CERT Linux Forensics Tools repository. However, for CentOS 6.5 for the x86_x64 architecture only, the version of postgresql comes from the CentOS Software Collections Repository. This means that you must install the centos-release-SCL package by running yum install centos-release-SCL as root before you apply updates from the repository.
January 22, 2014: CERT-Forensics-Tools-1.0-57.{fc17,fc18,fc19,fc20,el5,el6}.{i686,x86_64}.rpm - This package was updated to add the following:
- analyzeMFT
- hdparm
- kracked, for Fedora and CentOS/RHEL 6 only
- libpff-tools
- snarf, for Fedora and CentOS/RHEL 6 only
- super_mediator
- vmfs-tools
August 1, 2013: CERT-Forensics-Tools-1.0-55.{fc16,fc17,fc18,fc19,el5,el6}.{i686,x86_64}.rpm - This package was updated to do the following:
- For Fedora 19, use ewftools.
- For all else, use libewf-tools and obsolete ewftools.
July 10, 2013: CERT-Forensics-Tools-1.0-54.{fc15,fc16,fc17,fc18,el5,el6}.{i686,x86_64}.rpm - This package was updated to do the following:
- Added libbde-tools for all supported architectures
- Added libfvde-tools for all supported architectures
- Added libvhdi-tools for all supported architectures
- Obsoletes rayon and replaces it with netsa-python
April 22, 2013: CERT-Forensics-Tools-1.0-53.{fc15,fc16,fc17,fc18,el5,el6}.{i686,x86_64}.rpm - This package was updated to do the following:
- add frag_find for all supported architectures
February 5, 2013: CERT-Forensics-Tools-1.0-52.{fc15,fc16,fc17,fc18,el5,el6}.{i686,x86_64}.rpm - This package was updated to do the following:
- add exfat-utils for all supported architectures
- remove gpart and ext3grep from Fedora 18 and beyond
November 27, 2012: CERT-Forensics-Tools-1.0-50.{fc14,fc15,fc16,fc17,el5,el6}.{i686,x86_64}.rpm - This package was updated to do the following:
- added bulk_extrator, bulk_extrator-stoplist, and fiwalk for RHEL/CentOS 5 for all supported architectures
- obsoletes BEViewer since that tool is now included in bulk_extrator
November 19, 2012: CERT-Forensics-Tools-1.0-48.{fc14,fc15,fc16,fc17,el5,el6}.{i686,x86_64}.rpm - This package was updated to do the following:
- now is architecture-specific to accomodate kernel-PAE-modules-extra for the i686 architecture
- added fuse-exfat
- added partclone
November 14, 2012: CERT-Forensics-Tools-1.0-47.{fc14,fc15,fc16,fc17,el5,el6}.noarch.rpm - This package was updated to do the following:
- add kernel-modules-extra for both architectures. These kernel modules include support for ufs file systems.
- add kernel-PAE-modules-extra for the x86 architecture. These kernel modules include support for ufs file systems.
- added disktype
October 11, 2012: CERT-Forensics-Tools-1.0-46.{fc14,fc15,fc16,fc17,el5,el6}.noarch.rpm - This package was updated to do the following:
- add fmem-kernel-objects for all supported releases.
September 17, 2012: CERT-Forensics-Tools-1.0-45.{fc14,fc15,fc16,fc17,el5,el6}.noarch.rpm - This package was updated to do the following:
- add recoll for all supported releases except RHEL/CentOS 5.
September 4, 2012: CERT-Forensics-Tools-1.0-44.{fc14,fc15,fc16,fc17,el5,el6}.noarch.rpm - This package was updated to do the following:
- add prism to all systems where the SiLK tools are installed.
August 23, 2012: CERT-Forensics-Tools-1.0-43.{fc14,fc15,fc16,fc17,el5,el6}.noarch.rpm - This package was updated to do the following:
- add BEViewer all systems where bulk_extractor is installed.
- add analysis-pipeline all systems where the SiLK tools are installed.
July 10, 2012: CERT-Forensics-Tools-1.0-41.{fc14,fc15,fc16,fc17,el5,el6}.noarch.rpm - This package was updated to do the following:
- add fred for Fedora systems only
July 3, 2012: CERT-Forensics-Tools-1.0-40.{fc14,fc15,fc16,fc17,el5,el6}.noarch.rpm - This package was updated to do the following:
- add libvshadow-tools
June 28, 2012: CERT-Forensics-Tools-1.0-39.{fc14,fc15,fc16,fc17,el5,el6}.noarch.rpm - This package was updated to do the following:
- add nmap-frontend
- obsolete zenmap
- obsolete ncat
- obsolete nping
- obsolete nmap-update
May 23, 2012: CERT-Forensics-Tools-1.0-38.{fc13,fc14,fc15,fc16,el5,el6}.noarch.rpm - This package was updated to do the following:
- obsolete nmap-frontend
- add zenmap
- add ncat
- add nping
- add nmap-update
- remove registrydecoder for RHEL/CentOS 5 (it requires too many dependencies)
January 12, 2012: CERT-Forensics-Tools-1.0-36.{fc13,fc14,fc15,fc16,el5,el6}.noarch.rpm - This package was updated to include the following:
- shellbags for Fedora 14, 15, and 16.
- KHracker for Fedora 13, 14, 15, and 16, and CentOS/RHEL 5 and 6.
- md5dump for Fedora 13, 14, 15, and 16, and CentOS/RHEL 5 and 6.
- tcpflow for Fedora 13, 14, 15, and 16, and CentOS/RHEL 5 and 6.
- registrydecoder for Fedora 13, 14, 15, and 16, and CentOS/RHEL 5 and 6.
- xplico for Fedora 13, 14, 15, and 16.
- snort for Fedora 13, 14, 15, and 16.
- snort-sample-rules for Fedora 13, 14, 15, and 16.
October 13, 2011: CERT-Forensics-Tools-1.0-33.{fc12,fc13,fc14,fc15,el5,el6}.noarch.rpm - This package was updated to select a correct version of the libewf-tools package.
October 12, 2011: CERT-Forensics-Tools-1.0-32.{fc12,fc13,fc14,fc15,el5,el6}.noarch.rpm - This package was updated to add these packages:
- libewf-tools
and remove these packages:
- ewftools
August 23, 2011: CERT-Forensics-Tools-1.0-31.{fc12,fc13,fc14,fc15,el5,el6}.noarch.rpm - This package was updated to add these packages:
- ataraw
- bloom
- bulk_extractor (not for Fedora 12 nor CentOS/RHEL 5)
- bulk_extractor-stoplist (not for Fedora 12 nor CentOS/RHEL 5)
- fiwalk (not for Fedora 12 nor CentOS/RHEL 5)
- jafat
- perl-Parse-Evtx
- tln_tools
- xmount
August 10, 2011: CERT-Forensics-Tools-1.0-30.{fc12,fc13,fc14,fc15,el5,el6}.noarch.rpm - This package was updated to add the DFF package. Note that DFF is not provided for CentOS/RHEL version 5.
June 23, 2011: CERT-Forensics-Tools-1.0-29.{fc11,fc12,fc13,fc14,fc15,el6,el6}.noarch.rpm - This package was updated to add the DropboxReader package.
March 22, 2011: CERT-Forensics-Tools-1.0-28.fc{11,12,13,14}.noarch.rpm - This package was updated to add the SiLK and YAF tools.
March 14, 2011: CERT-Forensics-Tools-1.0-27.fc{11,12,13,14}.noarch.rpm - This package was updated to add the PTK tool.
February 24, 2011: CERT-Forensics-Tools-1.0-26.fc{11,12,13,14}.{i386,x86_64}.rpm - This package was updated to make the gpart package no longer conditional on the i386 architecture. See here for more information.
February 23, 2011: CERT-Forensics-Tools-1.0-24.fc{11,12,13,14}.noarch.rpm - This package was updated to reflect the addition of the xplico dependency for all supported architectures. Xplico 0.6.1 was previously released on December 10, 2010.
January 31, 2011: CERT-Forensics-Tools-1.0-23.fc{11,12,13,14}.noarch.rpm - This package was updated to reflect the conditional addition of the gpart dependency only for the x86 architecture.

January 17, 2011: CERT-Forensics-Tools-1.0-22.fc{11,12,13,14}.noarch.rpm - This package was updated to reflect the addition of all of the following tool and supporting package:

gpart - gpart is a tool which tries to guess the primary partition table of a PC-type hard disk in case the primary partition table in sector 0 is damaged, incorrect or deleted. The guessed table can be written to a file or device. Supported (guessable) filesystem or partition types:
- DOS/Windows FAT (FAT 12/16/32)
- Linux ext2
- Linux swap partitions versions 0 and 1 (Linux >= v2.2.X)
- OS/2 HPFS
- Windows NTFS
- *BSD disklabels
- Solaris/x86 disklabels
- Minix FS
- Reiser FS
- Linux LVM physical volume module (LVM by Heinz Mauelshagen)

January 10, 2011: CERT-Forensics-Tools-1.0-21.fc{11,12,13,14}.noarch.rpm - This package was updated to reflect the addition of all of the following tools and supporting packages:

November 17, 2010: CERT-Forensics-Tools-1.0-20.fc{11,12,13,14}.noarch.rpm - This package was updated to reflect the addition of all of the following tools and supporting packages:

August 17, 2010: CERT-Forensics-Tools-1.0-18.fc{10,11,12,13}.noarch.rpm - This package was updated to reflect the addition of all of the following tools and supporting packages:

August 16, 2010: CERT-Forensics-Tools-1.0-17.fc{10,11,12,13}.noarch.rpm - This package was updated to reflect the addition of all of the following tools and supporting packages:

July 23, 2010: CERT-Forensics-Tools-1.0-16.fc{10,11,12}.noarch.rpm - This package was updated to reflect the addition of all of the following tools and supporting packages:

ghex

April 5, 2010: CERT-Forensics-Tools-1.0-14.fc{8,9,10,11,12}.noarch.rpm - This package was updated to reflect the addition of all of the following tools and supporting packages:

March 4, 2010: CERT-Forensics-Tools-1.0-10.fc12.noarch.rpm - This package was updated but in essense, no changes were made.

March 2, 2010: CERT-Forensics-Tools-1.0-5.fc{9,10,11,12}.noarch.rpm - This update includes the nmap as a dependency. This release of nmap includes ncat, an improved version of the netcat program.

February 19, 2010: CERT-Forensics-Tools-1.0-4.fc1{0,1,2}.noarch.rpm - This update includes the following tools as dependencies:

Added: Guymager
Added: Libguytools
Added: Mount_ewf
Added: Fundl
Added: Cryptcat

February 8, 2010: CERT-Forensics-Tools-1.0-4.fc8.noarch.rpm - This update includes dc3dd as a dependency.

February 8, 2010: CERT-Forensics-Tools-1.0-4.fc9.noarch.rpm - This update includes dc3dd as a dependency.

February 8, 2010: CERT-Forensics-Tools-1.0-2.fc10.noarch.rpm - This update includes dc3dd as a dependency.