xva-img-1.4.2-2.{fc32,fc33,fc34,el7,el8}.x86_64.rpm -
XVA-IMG is a tool for working with Citrix XEN disk images.
Citrix Xen uses a custom virtual appliance format for import/export called "XVA".
It's basically a strangely crafted tar-file.
You don't need this program to unpack this tar-file, just use your favourite tar unpacker (tar, gtar, bsdtar).
Once unpacked you will end up with a lot of different files, ova.xml (which contains the settings for the virtual appliance, think VMware vmx) and a number of folders called Ref:/, this is your disks.
Each of these folders contain hundreds of files named 00000000, 00000001 with a accompanying .CHECKSUM file (SHA1).
Each file is a 1MB slice of the disk, but some of the files in the sequence will probably be missing this is because XVA do not use compression; instead it will exclude slices of the disk that only contains zeros (are empty).
This tool can assemble the disk for you (you will end up with a RAW disk) that can easily be mounted and modified.
It can then also split the file again and generate checksum.
Once ready, you will probably want to use the "package" command to rebuild the XVA file.
In this release, the modes for the xva-img file were set to 755 as is appropriate.
python36-xlsxwriter-1.4.4-1.el7.noarch.rpm -
XlsxWriter is a Python module for writing files in the Excel 2007+ XLSX file format.
avml-0.3.0-1.{fc32,fc33,fc34,el7,el8}.x86_64.rpm -
AVML is an X86_64 userland volatile memory acquisition tool written in Rust, intended to be deployed as a static binary.
AVML can be used to acquire memory without knowing the target OS distribution or kernel a priori.
No on-target compilation or fingerprinting is needed.
AVML can produce a memory image suitable for processing with
Volatility 2 or Volatility 3 once the appropriate profiles
have been created.
pfring-7.8.0-3459.{el7,el8}.x86_64.rpm -
PF_Ring is a new type of network socket that dramatically improves the packet capture speed.
This package contains header files and libraries, among other files, to support the PF_Ring network socket.
Here is the announcement of PF_Ring 7.8.
pfring-dkms-7.8.0-3459.{el7,el8}.x86_64.rpm -
PF_Ring is a new type of network socket that dramatically improves the packet capture speed.
This package conains the code and supporting files needed to create the PF_Ring kernel module.
ndpi-3.4.0-3226.{el7,el8}.x86_64.rpm -
ndpi is an open source LGPLv3 library for deep-packet inspection.
fmem-kernel-modules-el8-x86_64-1.6-1.21.noarch.rpm -
Support for the following kernels were added for Fmem:
4.18.0-315 for EL8
lime-kernel-modules-el8-x86_64-1.9.1-21.noarch.rpm -
Support for the following kernels were added for LiME: