plaso-20220724-1.{fc34,fc35,fc36,el7,el8,el9,amzn2}.x86_64.rpm -
Plaso is the Python-based back-end engine used by tools such as
log2timeline for automatic creation of a super timelines.
The goal of log2timeline.py (and thus plaso) is to provide a single tool that can parse various log files and forensic artifacts from computers
and related systems, such as network equipment to produce a single correlated timeline.
This timeline can then be easily analysed by forensic investigators/analysts, speeding up investigations by correlating the vast amount of information found on an average computer system.
Details of this update are available here.
This release removes the version restriction on the pyparsing package.
Note: For CentOS/RHEL 7, 8, and 9, and Amazon Linux 2, Plaso now runs in Python Virtual Environment.
hindsight-2021.12-2.{fc34,fc35,fc36,el7,el8,el9,amzn2}.x86_64.rpm -
Hindsight is a free tool for analyzing web artifacts.
It started with the browsing history of the Google Chrome web browser and has expanded to support other Chromium-based applications.
Hindsight can parse a number of different types of web artifacts, including URLs, download history, cache records, bookmarks, autofill records, saved passwords,
preferences, browser extensions, HTTP cookies, and Local Storage records (HTML5 cookies).
Once the data is extracted from each file, it is correlated with data from other history files and placed in a timeline.
This version was rebuilt to use the latest libcffi library on CentOS/RHEL 7.
bellsoft-jdk8u345+1-linux-amd64-full.rpm -
Bellsoft Java was installed for Fedora 34, 35, and 36, CentOS/RHEL 7, 8, and 9, and Amazon Linux 2.
Bellsoft Java 8 is the recommended version of Java for Autopsy.
pfring-8.3.0-7737.{el7,el8,amzn2}.x86_64.rpm -
PF_Ring is a new type of network socket that dramatically improves the packet capture speed.
This package contains header files and libraries, among other files, to support the PF_Ring network socket.
Here is the announcement of PF_Ring 7.8.
pfring-dkms-8.3.0.7737-7737.{el7,el8,amzn2}.noarch.rpm -
PF_Ring is a new type of network socket that dramatically improves the packet capture speed.
This package conains the code and supporting files needed to create the PF_Ring kernel module.
ndpi-4.5.0-3892.{el7,el8,amzn2}.x86_64.rpm -
ndpi is an open source LGPLv3 library for deep-packet inspection.
lime-kernel-modules-fc36-x86_64-1.9.1-10.noarch.rpm -
Support for the following kernels were added for LiME:
5.18.16-200 for FC36
5.18.15-200 for FC36
fmem-kernel-modules-fc36-x86_64-1.6-1.10.noarch.rpm -
Support for the following kernels were added for Fmem:
5.18.16-200 for FC36
5.18.15-200 for FC36
lime-kernel-modules-fc35-x86_64-1.9.1-34.noarch.rpm -
Support for the following kernels were added for LiME:
5.18.16-100 for FC35
5.18.15-100 for FC35
fmem-kernel-modules-fc35-x86_64-1.6-1.34.noarch.rpm -
Support for the following kernels were added for Fmem:
5.18.16-100 for FC35
5.18.15-100 for FC35
fmem-kernel-modules-el9-x86_64-1.6-1.11.noarch.rpm -
Support for the following kernels were added for Fmem:
5.14.0-142 for EL9
lime-kernel-modules-el9-x86_64-1.9.1-11.noarch.rpm -
Support for the following kernels were added for LiME: