Volatility3-2.0.0.b1-1.{fc31,fc32,fc33,el7,el8}.x86_64.rpm -
Volatility 3 is a completely open collection of tools,
implemented in Python under the Volatility Software License,
for the extraction of digital artifacts from volatile memory (RAM) samples.
This release is a beta version of Volatility 3 which can be found here.
Volatility3-{windows,linux,mac}-symbols-20191016-1.noarch.rpm -
These three packages are the kernel symbol table files needed by Volatility 3
to correctly interpret inforamtion in various Windows, Linux, and MacOS kernels.
CERT-Forensics-Tools-1.0-92.{fc27,fc28,fc29,fc30,el6}.{i686,x86_64}.rpm and CERT-Forensics-Tools-1.0-92.{fc31,fc32,fc33,el7,el8}.x86_64.rpm -
This relese does the following:
Added Volatility3 and the Volatility 3 symbol table packages for Fedora 31 and beyond and CentOS/RHEL 7 and beyond.
libfshfs{,-devel,-python2,-python3,-tools}-20201104-1.{fc27,fc28,fc29,fc30}.{i686,x86_64}.rpm, libfshfs{,-devel,-python2,-tools}-20201104-1.el6.{i686,x86_64}.rpm, libfshfs{,-devel,-python2,-python36,-tools}-20201104-3.el7.x86_64.rpm, and libfshfs{,-devel,-python2,-python3,-tools}-20201104-3.{fc31,fc32,fc33,el8}.x86_64.rpm -
Libfshfs is a lbrary and tools to access the Hierarchical File System (HFS).
Note that this project currently only focuses on the analysis of the format.
python3-dfvfs-20201105-1.{fc27,fc28,fc29,fc30,fc31,fc32,fc33,el8}.noarch.rpm and python36-dfvfs-20201105-1.el7.noarch.rpm -
dfVFS, the Digital Forensics Virtual File System, provides read-only access to file-system objects from various storage media types and file formats.
pfring-7.8.0-3267.{el6,el7,el8}.x86_64.rpm -
PF_Ring is a new type of network socket that dramatically improves the packet capture speed.
This package contains header files and libraries, among other files, to support the PF_Ring network socket.
Here is the announcement of PF_Ring 7.8.
pfring-dkms-7.8.0-3267.{el6,el7,el8}.x86_64.rpm -
PF_Ring is a new type of network socket that dramatically improves the packet capture speed.
This package conains the code and supporting files needed to create the PF_Ring kernel module.
ndpi-3.4.0-3267.{el6,el7,el8}.x86_64.rpm -
ndpi is an open source LGPLv3 library for deep-packet inspection.
yaf{,-devel}-2.11.0-5.{fc27,fc28,fc29,fc30,el6}.{i686,x86_64}.rpm and yaf{,-devel}-2.11.0-5.{fc31,fc32,fc33,el7,el8}.x86_64.rpm -
Yaf is Yet Another Flowmeter and yaf is a suite of tools to do flow metering.
Yaf is used as a sensor to capture flow information on a network and export that information in IPFIX format.
It reads packet data from pcap(3) dumpfiles as generated by tcpdump(1), from live capture from an interface using
pcap(3), an Endace DAG capture device,
or a Napatech adapter, aggregates these packets into flows, and exports flow records via IPFIX
over SCTP, TCP or
UDP, Spread, or into serialized IPFIX message streams (IPFIX files) on the local file system.
This release has been updated to support PF_Ring Version 7.8.
bellsoft-java8-full-1.8.0.275-1+1.{i586,x86_64}.rpm -
Bellsoft Java
was installed for Fedora 27 through 32 and CentOS/RHEL 7 and 8.
Bellsoft Java 8 is the recommended version of Java for Autopsy.
See these instructions for installing Autopsy on Linux where this recommendation can be found.
python3-artifacts-20201106-1.{fc27,fc28,fc29,fc30}.{i386,x86_64}.rpm, artifacts-data-20201106-1.{fc27,fc28,fc29,fc30}.{i386,x86_64}.rpm,
python36-artifacts-20201106-1.el7.x86_64.rpm, artifacts-data-20201106-1.el7.x86_64.rpm -
python3-artifacts-20201106-1.{fc31,fc32,fc33,el8}.x86_64.rpm, artifacts-data-20201106-1.{fc31,fc32,fc33,el8}.x86_64.rpm -
Artifacts is a free, community-sourced,
machine-readable knowledge base of digital forensic artifacts that the world can use both as an information source and within other tools.
fmem-kernel-modules-fc33-x86_64-1.6-1.2.noarch.rpm -
Support for the following kernels were added for Fmem:
5.8.18-300 for FC33
5.8.17-300 for FC33
lime-kernel-modules-fc33-x86_64-1.1.r17-2.noarch.rpm -
Support for the following kernels were added for LiME:
5.8.18-300 for FC33
5.8.17-300 for FC33
fmem-kernel-modules-fc32-x86_64-1.6-1.24.noarch.rpm -
Support for the following kernels were added for Fmem:
5.8.18-200 for FC32
5.8.17-200 for FC32
lime-kernel-modules-fc32-x86_64-1.1.r17-24.noarch.rpm -
Support for the following kernels were added for LiME:
5.8.18-200 for FC32
5.8.17-200 for FC32
fmem-kernel-modules-fc31-x86_64-1.6-1.40.noarch.rpm -
Support for the following kernels were added for Fmem:
5.8.18-100 for FC31
5.8.17-100 for FC31
lime-kernel-modules-fc31-x86_64-1.1.r17-40.noarch.rpm -
Support for the following kernels were added for LiME:
5.8.18-100 for FC31
5.8.17-100 for FC31
fmem-kernel-modules-el8-x86_64-1.6-1.10.noarch.rpm -
Support for the following kernels were added for Fmem:
4.18.0-193.28.1 for EL8
lime-kernel-modules-el8-x86_64-1.1.r17-10.noarch.rpm -
Support for the following kernels were added for LiME: