libfsext{,-devel,-python3,-tools}-20230603-1.{fc36,fc37,fc38,el8,amzn2}.x86_64.rpm, libfsext{,-devel,-python3,-tools}-20230603-1.el9.{aarch64,x86_64}.rpm, and libfsext{,-devel,-python36,-tools}-20230603-1.el7.x86_64.rpm -
Libfsext is a library and tools to access the Extended File System (EXT).
dtfabric-20230520-1.{fc36,fc37,fc38,el8,amzn2}.x86_64.rpm and dtfabric-20230520-1.el9.{x86_64,aarch64}.rpm -
Dtfabric is a project to manage data types and structures, as used in the libyal projects.
dfimagetools-tools-20230526-1.{fc36,fc37,fc38,el8,el9,amzn2}.noarch.rpm and python3-dfimagetools-20230526-1.{fc36,fc37,fc38,el8,el9,amzn2}.noarch.rpm -
DFImageTools is a collection of tools to process storage media images.
python3-dfdatetime-20230506-1.{fc36,fc37,fc38,el8,el9,amzn2}.noarch.rpm -
dfDateTime, or Digital Forensics Date and Time, provides date and time objects to preserve accuracy and precision.
python3-acstore-20230519-1.{fc36,fc37,fc38,el8,el9,amzn2}.noarch.rpm -
ACStore is a library that provides a stand-alone implementation to read and write Attribute Container stores, such as Plaso storage files.
python3-dfvfs-20230531-1.{fc36,fc37,fc38,el8,el9,amzn2}.noarch.rpm -
dfVFS, the Digital Forensics Virtual File System, provides read-only access to file-system objects from various storage media types and file formats.
libfsntfs{,-devel,-python3,-tools}-20230606-1.{fc36,fc37,fc38,el8,amzn2}.x86_64.rpm, libfsntfs{,-devel,-python3,-tools}-20230606-1.el9.{x86_64,aarch64}.rpm, and libfsntfs{,-devel,-python36,-tools}-20230606-1.el7.x86_64.rpm -
Libfsntfs contains a library and tools to access the New Technology File System (NTFS).
python3-artifacts-20230723-1.{fc36,fc37,fc38,el8,amzn2}.x86_64.rpm, artifacts-data-20230723-1.{fc36,fc37,fc38,el8,amzn2}.x86_64.rpm, python3-artifacts-20230723-1.el9.{x86_64,aarch64}.rpm, and artifacts-data-20230723-1.el9.{x86_64,aarch64}.rpm -
Artifacts is a free, community-sourced,
libfsapfs{,-devel,-python3,-tools}-20230617-1.{fc36,fc37,fc38,el8,amzn2,el8}.x86_64.rpm, libfsapfs{,-devel,-python3,-tools}-20230617-1.el9.{x86_64,aarch64}.rpm, and libfsapfs{,-devel,-python36,-tools}-20230617-1.el7.x86_64.rpm -
libfsapfs is a library to access the Apple File System (APFS).
libvsbsdl{,-devel,-python3,-static,-tools}-20230506-1.{fc36,fc37,fc38,el8,amzn2,el8}.x86_64.rpm, libvsbsdl{,-devel,-python3,-static,-tools}-20230506-1.el9.{x86_64,aarch64}.rpm, and libvsbsdl{,-devel,-python36,-static,-tools}-20230506-1.el7.x86_64.rpm -
libvsbsdl is a library to access the BSD disk label volume system format.
libvsapm{,-devel,-python3,-static,-tools}-20230506-1.{fc36,fc37,fc38,el8,amzn2,el8}.x86_64.rpm, libvsapm{,-devel,-python3,-static,-tools}-20230506-1.el9.{x86_64,aarch64}.rpm, and libvsapm{,-devel,-python36,-static,-tools}-20230506-1.el7.x86_64.rpm -
libvsapm is a library to access the Apple Partition Map (APM) volume system format.
libgzipf{,-devel,-python3,-static,-tools}-20230114-1.{fc36,fc37,fc38,el8,amzn2,el8}.x86_64.rpm, libgzipf{,-devel,-python3,-static,-tools}-20230114-1.el9.{x86_64,aarch64}.rpm, and libgzipf{,-devel,-python36,-static,-tools}-20230114-1.el7.x86_64.rpm -
libgzipf is a library to access the GZIP file format.
libcaes{,-devel,-python3,-static}-20230406-1.{fc36,fc37,fc38,el8,amzn2}.x86_64.rpm, libcaes{,-devel,-python3,-static}-20230406-1.el9.{x86_64,aarch64}.rpm, and libcaes{,-devel,-python36,-static}-20230406-1.el7.x86_64.rpm -
libcaes is a library to support cross-platform AES encryption.
plaso-20230717-1.{fc36,fc37,fc38,el7,el8,amzn2}.x86_64.rpm and plaso-20230717-1.el9.{x86_64,aarch64}.rpm -
Plaso is the Python-based back-end engine used by tools such as
log2timeline for automatic creation of super timelines.
The goal of log2timeline.py (and thus plaso) is to provide a single tool that can parse various log files and forensic artifacts from computers
and related systems, such as network equipment, to produce a single correlated timeline.
This timeline can then be easily analysed by forensic investigators/analysts, speeding up investigations by correlating the vast amount of information found on an average computer system.
Details of this update are available here.
This release removes the version restriction on the pyparsing package.
python3-certifi-2023.7.22-1.{el8,amzn2}.noarch.rpm and python36-certifi-2023.7.22-1.el7.noarch.rpm -
Certifi is a carefully curated collection of Root Certificates for validating the trustworthiness of SSL certificates while verifying the identity of TLS hosts.
CERT-Forensics-Tools-1.0-104.{fc36,fc37,fc38,el7,el8,amzn2}.x86_64.rpm and CERT-Forensics-Tools-1.0-104.el9.{aarch64,x86_64}.rpm -
The following tools were added:
libvsbsdl-tools - tools to access the BSD disk label volume system format.
libvsapm-tools - tools to access the Apple Partition Map (APM) volume system format.
libgzipf-tools - tools to access the GZIP file format.
pfring-8.5.0-8415.x86_64.rpm -
PF_Ring is a new type of network socket that dramatically improves the packet capture speed.
This package contains header files and libraries, among other files, to support the PF_Ring network socket.
Here is the announcement of PF_Ring 7.8.
This package was installed for CentOS 7 for the x86_64 architecture.
pfring-dkms-8.5.0.8415-dkms.noarch.rpm -
PF_Ring is a new type of network socket that dramatically improves the packet capture speed.
This package contains the code and supporting files needed to create the PF_Ring kernel module.
This package was installed for CentOS 7 for the x86_64 architecture.
ndpi-4.7.0-4321.x86_64.rpm -
ndpi is an open source LGPLv3 library for deep-packet inspection.
This package was installed for CentOS 7 for the x86_64 architecture.
pfring-8.5.0-8418.x86_64.rpm -
PF_Ring is a new type of network socket that dramatically improves the packet capture speed.
This package contains header files and libraries, among other files, to support the PF_Ring network socket.
Here is the announcement of PF_Ring 7.8.
This package was installed for CentOS 8 Stream and 9 Stream for the x86_64 architecture.
pfring-dkms-8.5.0.8418-dkms.noarch.rpm -
PF_Ring is a new type of network socket that dramatically improves the packet capture speed.
This package contains the code and supporting files needed to create the PF_Ring kernel module.
This package was installed for CentOS 8 Stream and 9 Stream for the x86_64 architecture.
ndpi-4.7.0-4324.x86_64.rpm -
ndpi is an open source LGPLv3 library for deep-packet inspection.
This package was installed for CentOS 8 Stream and 9 Stream for the x86_64 architecture.
snort-3.1.67.0-1.{fc36,fc37,fc38,el8}.x86_64.rpm and snort-3.1.67.0-1.el9.{x86_64,aarch64}.rpm -
Snort is an open source network intrusion detection system, capable of performing real-time traffic analysis and packet logging on IP networks.
It can perform protocol analysis, content searching/matching and can be used to detect a variety of attacks and probes, such as buffer overflows,
stealth port scans, CGI attacks, SMB probes, OS fingerprinting attempts, and much more.
lime-kernel-modules-fc38-x86_64-1.9.1-8.noarch.rpm -
Support for the following kernels was added for LiME:
6.4.6-200 for FC38
fmem-kernel-modules-fc38-x86_64-1.6-1.8.noarch.rpm -
Support for the following kernels was added for Fmem:
6.4.6-200 for FC38
lime-kernel-modules-fc37-x86_64-1.9.1-8.noarch.rpm -
Support for the following kernels was added for LiME:
6.4.6-100 for FC37
fmem-kernel-modules-fc37-x86_64-1.6-1.8.noarch.rpm -
Support for the following kernels was added for Fmem:
6.4.6-100 for FC37
lime-kernel-modules-el9-{x86_64,aarch64}-1.9.1-21.noarch.rpm -
Support for the following kernels was added for LiME for both the x86_64 and aarch64 architectures:
5.14.0-344 for EL9
fmem-kernel-modules-el9-{x86_64,aarch64}-1.6-1.21.noarch.rpm -
Support for the following kernels was added for Fmem for both the x86_64 and aarch64 architectures: