Fedora 18 - The repository now supports Fedora 18
for the i686 and x86_64 CPU architectures.
All packages have been moved from the forensics-test repository to the standard cert repository.
If you find any unexpected behavior with the packages as currently distributed, please send email to
partclone-0.2.48-2.{fc15,fc16,fc17,fc18,el6}.{i686,x86_64}.rpm - Partclone is a program similar to the
well-known backup utility "Partition Image" a.k.a partimage. Partclone provides utilities to save and restore used blocks on a
partition and is designed for higher compatibility of the file system by using existing libraries, e.g. e2fslibs is used to read and write
the ext2 partition.
The supported file systems are: ext2, ext3, ext4, hfs+, btrfs, ntfs, fat(12/16/32), and exfat.
This release was built to use the latest libntfs-3g shared library.
dff-1.3.0-1.{fc17,fc18}.{i686,x86_64}.rpm - The Digital Forensics Framework (DFF) is both
a digital investigation tool and a development platform. The framework is used by system administrators, law enforcement examinors, digital forensics researchers
and students, and security professionals world-wide. Written in Python and C++, it exclusively uses Open Source technologies. DFF combines an intuitive user
interface with a modular and cross-platform architecture. Note that only Fedora 17 and 18 are supported in this release.
See here for a list of recent changes
fmem-kernel-objects-1.6-1.16.{fc15,fc16,fc17,fc18,el5,el6}.{i686,x86_64}.rpm - Fmem is kernel module that creates
device /dev/fmem, similar to /dev/mem but without limitations.
The changes added support for the following Fedora kernels:
3.7.9-205 for FC18
3.8.1-201 for FC18
3.7.9-101 for FC17
3.7.9-104 for FC17
xplico-1.0.1-3.{fc15,fc16,fc17,fc18,el6}.{i686,x86_64}.rpm - xplico is an Internet traffic decoder.
Note that RHEL/CentOS 5 is not supported due to a lack of Python Version 3 support.
This release includes support for Python version 3.3 which is the default for Fedora 18.
snort-2.9.4.1-1.1.{fc15,fc16,fc17,fc18,el6}.{i686,x86_64}.rpm -
Snort is an open source network intrusion detection system, capable of performing real-time traffic analysis and packet logging on IP networks.
It can perform protocol analysis, content searching/matching and can be used to detect a variety of attacks and probes, such as buffer overflows,
stealth port scans, CGI attacks, SMB probes, OS fingerprinting attempts, and much more.
See here for the changes in this version.
libvshadow{,-devel,-tools,-python}-20130304-1.{fc15,fc16,fc17,fc18,el5,el6}.{i686,x86_64}.rpm -
Libvshadow is a library and tools used to support the Volume Service Snapshot (VSS) format.
The VSS format is used by Windows, as of Vista, to maintain copies of data on a storage media volume.
Here are the changes since the last version:
added PackageMaker files
updated include/types.h
fixed typo in vhsadowmount
regripper-plugins-20130218-1.{fc15,fc16,fc17,fc18,el5,el6}.noarch.rpm - Regripper-plugins are the plugins packaged separately from
the regripper application. The plugins added are the following:
NEW PLUGIN by Corey Harrell: uac.pl that gets UAC configuration values (SOFTWARE)
UPDATE by Harlan Carvey to comdlg32.pl, many updates (NTUSER)
NOTE profile software-all was updated
NOTE profiles all DO NOT contain plugins TLN versions: you must create your own profiles or use them directly