applications/system

sleuthkit - The Sleuth Kit (TSK)

Website: http://www.sleuthkit.org
License: CPL and IBM and GPLv2+
Description:
The Sleuth Kit (TSK) is a collection of UNIX-based command line tools that
allow you to investigate a computer. The current focus of the tools is the
file and volume systems and TSK supports FAT, Ext2/3, NTFS, UFS,
and ISO 9660 file systems

Packages

sleuthkit-4.6.0-3.fc22.i686 [1.7 MiB] Changelog by Lawrence R. Rogers (2018-03-28):
- Release 4.6.0-3
	Moved sleuthkit-4.6.0.jar from sleuthkit-devel package to sleuthkit package.
sleuthkit-4.6.0-2.fc22.i686 [1.3 MiB] Changelog by Lawrence R. Rogers (2018-02-28):
- Release 4.6.0-2
	Removed patches from PyTSK.
sleuthkit-4.6.0-1.fc22.i686 [1.3 MiB] Changelog by Lawrence R. Rogers (2018-02-21):
- Release 4.6.0-1
	- New Features
		- New Communications related Java classes and database tables.
		- Java build updates for Autopsy Linux build
		- Blackboard artifacts are now Content objects in Java and part of tsk_objects table in database.
		- Increased cache sizes.
		- Lots of bounds checking fixes from Google's fuzzing tests.  Thanks Google.
		- HFS fix from uckelman-sf.
sleuthkit-4.5.0-1.fc22.i686 [1.3 MiB] Changelog by Lawrence R. Rogers (2017-10-15):
- Release 4.5.0-1

	- New Features:
		- Support for LZVN compressed HFS files (from Joel Uckelman)
		- Use sector size from E01 (helps with 4k sector sizes)
		- More specific version number of DB schema
		- New Local Directory type in DB to differentiate with Virtual Directories
		- All blackboard artifacts in DB are now 'content'. Attachments can now be children of their parent message.
		- Added extension as a column in tsk_files table.

	- Bug Fixes:
		- Faster resolving of HFS hard links
		- Lots of fixes from Google Fuzzing efforts.
sleuthkit-4.4.2-1.fc22.i686 [1.2 MiB] Changelog by Lawrence R. Rogers (2017-08-07):
- Release 4.4.2-1

	- New Features:
		- usnjls tool for NTFS USN log (from noxdafox)
		- Added index to mime type column in DB
		- Use local SQLite3 if it exists (from uckelman-sf)
		- Blackboard Artifacts have a shortDescription metho

	- Bug Fixes:
		- Fix for highest HFS+ inum lookup (from uckelman-sf)
		- Fix ISO9660 crash
		- various performance fixes and added thread safety checks
sleuthkit-4.4.1-1.fc22.i686 [1.9 MiB] Changelog by Lawrence R. Rogers (2017-05-30):
- Release 4.4.1-1
	- New Features:
		-- Can create a sparse VHD file when reading a local drive with new
		   IMAGE_WRITER structure. Currently being used by Autopsy, but no TSK
		   command line tools.

	- Bug fixes:
		-- Lots of cleanup and fixes. Including:
			-- memory leaks
			-- UTF8 and UTF16 cleanup 
			-- Missing NTFS files (in fairly rare cases)
			-- Really long folder structures and database inserts
sleuthkit-4.4.0-1.fc22.i686 [1.9 MiB] Changelog by Lawrence R. Rogers (2017-01-17):
- Release 4.4.0-1
	4.4.0
	  Compiling in Windows now uses Visual Studio 2015
	  tsk_loaddb now adds new files for slack space and JNI was upgraded accordingly.

	4.3.0
	  NTFS works on 4k sectors
	  Added support in Java to store local files in encoded form (XORed)
	  Added Java Account object into datamodel
	  Added notion of a review status to blackboard artifacts
	  Upgraded version of PostgreSQL
	  Various minor bug fixes
sleuthkit-4.2.0-6.fc22.i686 [1.9 MiB] Changelog by Lawrence R. Rogers (2016-07-18):
- Release 4.2.0-6
	Rebuilt to use libewf-20160718, release 20140608.1.
	Also patched to 20160718.
sleuthkit-4.2.0-2.fc22.i686 [1.8 MiB] Changelog by Lawrence R. Rogers (2015-10-07):
- Release 4.2.0-2
	Patch 2 - bring up to 2015-10-07 version from github
	Patch 3 - fix srch_strings by reverting source back to 4.1.3 version

Listing created by Repoview-0.6.6-4.el7