libfsntfs{,-devel,-python3}-20211229-2.{fc33,fc34,fc35,el8}.x86_64.rpm and libfsntfs{,-devel,-python36}-20211229-2.el7.x86_64.rpm -
Libfsntfs contains a library and tools to access the New Technology File System (NTFS).
opensearch-py-1.0.0-1.{fc33,fc34,fc35,el7,el8}.noarch.rpm -
OpenSearch-PY is a Python client for OpenSearch.
plaso-20211229-1.{fc33,fc34,fc35,el7,el8}.x86_64.rpm -
Plaso is the Python-based back-end engine used by tools such as
log2timeline for automatic creation of super timelines.
The goal of log2timeline.py (and thus plaso) is to provide a single tool that can parse various log files and forensic artifacts from computers
and related systems, such as network equipment, to produce a single correlated timeline.
This timeline can then be easily analysed by forensic investigators/analysts, speeding up investigations by correlating the vast amount of information found on an average computer system.
Details of this update are available here.
Note: For CentOS/RHEL 7 and 8, Plaso now runs in a Python virtual environment.
python{2,36}-psutil-5.9.0-1.el7.x86_64.rpm -
Python-psutil is a cross-platform library for retrieving information on running processes and system utilization (CPU, memory, disks, network) in Python.
mac_apt-1.4.3.dev-3.{fc33,fc34,fc35,el7,el8}.x86_64.rpm -
Mac_apt is a DFIR (Digital Forensics and Incident Response) tool to process Mac computer full disk images (or live machines)
and extract data/metadata useful for forensic investigation.
It is a Python-based framework, which has plugins to process individual artifacts (such as Safari internet history, Network interfaces, Recently accessed files & volumes, etc.).
This package is based on the 2022-01-04 version of the code.
hindsight-2021.12-1.{fc33,fc34,fc35,el7,el8}.x86_64.rpm -
Hindsight is a free tool for analyzing web artifacts.
It started with the browsing history of the Google Chrome web browser and has expanded to support other Chromium-based applications.
Hindsight can parse a number of different types of web artifacts, including URLs, download history, cache records, bookmarks, autofill records, saved passwords,
preferences, browser extensions, HTTP cookies, and Local Storage records (HTML5 cookies).
Once the data is extracted from each file, it is correlated with data from other history files and placed in a timeline.
lime-kernel-modules-fc35-x86_64-1.9.1-9.noarch.rpm -
Support for the following kernels was added for LiME:
5.15.12-200 for FC35
fmem-kernel-modules-fc35-x86_64-1.6-1.9.noarch.rpm -
Support for the following kernels was added for Fmem:
5.15.12-200 for FC35
fmem-kernel-modules-fc34-x86_64-1.6-1.32.noarch.rpm -
Support for the following kernels was added for Fmem:
5.15.12-100 for FC34
lime-kernel-modules-fc34-x86_64-1.9.1-32.noarch.rpm -
Support for the following kernels was added for LiME:
5.15.12-100 for FC34
fmem-kernel-modules-el8-x86_64-1.6-1.30.noarch.rpm -
Support for the following kernels was added for Fmem:
4.18.0-348.7.1 for EL8
lime-kernel-modules-el8-x86_64-1.9.1-30.noarch.rpm -
Support for the following kernels was added for LiME: