python3-xlsxwriter-1.3.6-1.{fc27,fc28,fc29}.noarch.rpm and python36-xlsxwriter-1.3.6-1.el7.noarch.rpm -
XlsxWriter is a Python module for writing files in the Excel 2007+ XLSX file format.
XlsxWriter can be used to write text, numbers, formulas and hyperlinks to multiple worksheets and it supports features such as formatting and many more.
libfsntfs{,-devel,-python3}-20200921-1.{fc27,fc28,fc29,fc30}.{i686,x86_64}.rpm, libfsntfs{,-devel,-python2}-20200921-1.el6.{i686,x86_64}.rpm, libfsntfs{,-devel,-python36}-20200921-1.el7.x86_64.rpm, and libfsntfs{,-devel,-python3}-20200921-1.{fc31,fc32,el8}.x86_64.rpm -
Libfsntfs contains library and tools to access the New Technology File System (NTFS).
python3-dfwinreg-20200415-1.{fc27,fc28,fc29,fc30}.{i686,x86_64}.rpm, python36-dfwinreg-20200415-1.el7.x86_64.rpm, and python3-dfwinreg-20200415-1.{fc31,fc32,el8}.x86_64.rpm -
DFWinreg, or Digital Forensics Windows Registry, provides read-only access to Windows Registry objects.
python3-dfvfs-20200920-1.{fc27,fc28,fc29,fc30,fc31,fc32,el8}.noarch.rpm and python36-dfvfs-20200920-1.el7.noarch.rpm -
dfVFS, the Digital Forensics Virtual File System, provides read-only access to file-system objects from various storage media types and file formats.
libfsext{,-devel,-python2,-python3,-tools}-20200819-2.{fc27,fc28,fc29,fc30}.{i686,x86_64}.rpm, libfsext{,-devel,-python2,-tools}-20200819-2.el6.{i686,x86_64}.rpm, libfsext{,-devel,-python2,-python36,-tools}-20200819-2.el7.x86_64.rpm and libfsext{,-devel,-python2,-python3,-tools}-20200819-2.{fc31,fc32,el8}.x86_64.rpm -
Libfsext is a lbrary and tools to access the Extended File System (EXT).
This release correctly names the CentOS/RHEL 7 version (python36 vs. python3).
mac_apt-0.7-1.{fc27,fc28,fc29,fc30}.{i686,x86_64}.rpm and mac_apt-0.7-1.{fc321,fc32,el7,el8}.x86_64.rpm -
Mac_apt is a DFIR (Digital Forensics and Incident Response) tool to process Mac computer full disk images (or live machines) and extract data/metadata useful for forensic investigation.
It is a python based framework, which has plugins to process individual artifacts (such as Safari internet history, Network interfaces, Recently accessed files & volumes, etc.).
Here are a list of features:
Cross platform (no dependency on pyobjc)
Works on E01, VMDK, AFF4, DD, split-DD, DMG (no compression) and mounted images
XLSX, CSV, Sqlite outputs
Analyzed files/artifacts are exported for later review
zlib, lzvn, lzfse compressed files are supported!
Native HFS and APFS parser
Reads the Spotlight database and Unified Logging (tracev3) files
And here are a list of new functionality added in this release:
Support for macOS Big Sur (11.0)
FAST mode ⏳
Encrypted 🔒 APFS images can now be processed using password/recovery-key 🔑
macOS Catalina (10.15) images can be parsed now
macOS Catalina (10.15) separately mounted SYSTEM and DATA volumes now supported
AFF4 images (including macquisition created) now supported
CERT-Forensics-Tools-1.0-91.{fc27,fc28,fc29,fc30,el6}.{i686,x86_64}.rpm and CERT-Forensics-Tools-1.0-91.{fc31,fc32,el7,el8}.x86_64.rpm -
This relese does the following:
Added mac_apt for Fedora and CentOS/RHEL 7 and 8.
pfring-7.6.0-3176.{el6,el7,el8}.x86_64.rpm -
PF_Ring is a new type of network socket that dramatically improves the packet capture speed.
This package contains header files and libraries, among other files, to support the PF_Ring network socket.
Here is the announcement of PF_Ring 7.6.
pfring-dkms-7.6.0-3176.{el6,el7,el8}.x86_64.rpm -
PF_Ring is a new type of network socket that dramatically improves the packet capture speed.
This package conains the code and supporting files needed to create the PF_Ring kernel module.
ndpi-3.2.0-2841.{el6,el7,el8}.x86_64.rpm -
ndpi is an open source LGPLv3 library for deep-packet inspection.
fmem-kernel-modules-fc32-x86_64-1.6-1.19.noarch.rpm -
Support for the following kernels were added for Fmem:
5.8.10-200 for FC32
5.8.9-200 for FC32
5.8.8-200 for FC32
lime-kernel-modules-fc32-x86_64-1.1.r17-19.noarch.rpm -
Support for the following kernels were added for LiME:
5.8.10-200 for FC32
5.8.9-200 for FC32
5.8.8-200 for FC32
fmem-kernel-modules-fc31-x86_64-1.6-1.35.noarch.rpm -
Support for the following kernels were added for Fmem:
5.8.10-100 for FC31
5.8.9-101 for FC31
5.8.8-100 for FC31
lime-kernel-modules-fc31-x86_64-1.1.r17-35.noarch.rpm -
Support for the following kernels were added for LiME:
5.8.10-100 for FC31
5.8.9-101 for FC31
5.8.8-100 for FC31
fmem-kernel-modules-el8-x86_64-1.6-1.9.noarch.rpm -
Support for the following kernels were added for Fmem:
4.18.0-193.19.1 for EL8
lime-kernel-modules-el8-x86_64-1.1.r17-9.noarch.rpm -
Support for the following kernels were added for LiME: