vleapp-2.0.0-6.{fc36,fc37,fc38,fc39,el7,el8,amzn2}.x86_64.rpm and vleapp-2.0.0-6.el9.{aarch64,x86_64}.rpm -
vleapp is a Vehicle Logs Events And Protobuf Parser application.
Both the command line version (vleapp) and the GUI version (vleappGUI) are included in this package.
This release is patched as of 2023-11-30.
Note that vleapp is not part of the CERT-Forensics-Tools metapackage so it must be installed manually.
libfsext{,-devel,-python3,-tools}-20231129-1.{fc36,fc37,fc38,fc39,el8,amzn2}.x86_64.rpm, libfsext{,-devel,-python36,-tools}-20231129-1.el7.x86_64.rpm, and libfsext{,-devel,-python3,-tools}-20231129-1.el9.{aarch64,x86_64}.rpm -
Libfsext is a library and tools to access the Extended File System (EXT).
libsigscan{,-devel,-python3,-tools}-20231201-1.{fc36,fc37,fc38,fc39,el8,amzn2}.x86_64.rpm, libsigscan{,-devel,-python36,-tools}-20231201-1.el7.x86_64.rpm, and libsigscan{,-devel,-python3,-tools}-20231201-1.el9.{x86_64,aarch64}.rpm -
Libsigscan is a library and tools used to binary signature scanning.
libfwsi{,-devel,-python3}-20231130-1.{fc36,fc37,fc38,fc39,el8,amzn2}.x86_64.rpm, libfwsi{,-devel,-python36}-20231130-1.el7.x86_64.rpm, and libfwsi{,-devel,-python3}-20231130-1.el9.{x86_64,aarch64}.rpm -
Libfwsi is a library to access the Windows Shell Item format.
libmsiecf{,-devel,-python3,-tools}-20231203-1.{fc36,fc37,fc38,fc39,el8,amzn2}.x86_64.rpm, libmsiecf{,-devel,-python36,-tools}-20231203-1.el7.x86_64.rpm, and libmsiecf{,-devel,-python3,-tools}-20231203-1.el9.{x86_64,aarch64}.rpm -
Libmsiecf contains libraries and tools to access the Microsoft Internet Explorer (MSIE) Cache File (index.dat) files.
libolecf{,-devel,-python3,-tools}-20231203-1.{fc36,fc37,fc38,fc39,el8,amzn2}.x86_64.rpm, libolecf{,-devel,-python36,-tools}-20231203-1.el7.x86_64.rpm, and libolecf{,-devel,-python3,-tools}-20231203-1.el9.{x86_64,aarch64}.rpm -
Libolecf contains libraries and tools to access the OLE 2 Compound File (OLECF) format filed.
libscca{,-devel,-python3,-tools}-20231203-1.{fc36,fc37,fc38,fc39,el8,amzn2}.x86_64.rpm, libscca{,-devel,-python36,-tools}-20231203-1.el7.x86_64.rpm, and libscca{,-devel,-python3,-tools}-20231203-1.el9.{x86_64,aarch64}.rpm -
Libscca is a library to access the Windows Prefetch File (SCCA) format.
libregf{,-devel,-python3,-tools}-20231203-1.{fc36,fc37,fc38,fc39,el8,amzn2}.x86_64.rpm, libregf{,-devel,-python36,-tools}-20231203-1.el7.x86_64.rpm, and libregf{,-devel,-python3,-tools}-20231203-1.el9.{x86_64,aarch64}.rpm -
Libregf contains libraries and tools to access the Windows Registry File files.
libwrc{,-devel,-python3,-tools}-20231202-1.{fc36,fc37,fc38,fc39,el8,amzn2}.x86_64.rpm, libwrc{,-devel,-python36,-tools}-20231202-1.el7.x86_64.rpm, and libwrc{,-devel,-python3,-tools}-20231202-1.el9.{x86_64,aarch64}.rpm -
Libwrc is a library and tools to access the Windows Resource Compiler (WRC) format.
libbde{,-devel,-python3,-tools}-20231205-1.{fc36,fc37,fc38,fc39,el8,amzn2}.x86_64.rpm, libbde{,-devel,-python36,-tools}-20231205-1.el7.x86_64.rpm, and libbde{,-devel,-python3,-tools}-20231205-1.el9.{x86_64,aarch64}.rpm -
Libbde is a library and tools to access the BitLocker Drive Encryption (BDE) format.
libvsbsdl{,-devel,-python3,-static,-tools}-20231204-1.{fc36,fc37,fc38,fc39,,el8,amzn2,el8}.x86_64.rpm, libvsbsdl{,-devel,-python36,-static,-tools}-20231204-1.el7.x86_64.rpm, and libvsbsdl{,-devel,-python3,-static,-tools}-20231204-1.el9.{x86_64,aarch64}.rpm -
libvsbsdl is a library to access the BSD disk label volume system format.
libluksde{,-devel,-python3,-tools}-20231204-1.{fc36,fc37,fc38,fc39,el8,amzn2}.x86_64.rpm, libluksde{,-devel,-python36,-tools}-20231204-1.el7.x86_64.rpm, and libluksde{,-devel,-python3,-tools}-20231204-1.el9.{x86_64,aarch64}.rpm -
Libluksde is a library and tools used to access LUKS Disk Encryption encrypted volumes.
libnk2{,-devel,-python3,-tools}-20231205-1.{fc36,fc37,fc38,fc39,el8,amzn2}.x86_64.rpm, libnk2{,-devel,-python36,-tools}-20231205-1.el7.x86_64.rpm, and libnk2{,-devel,-python3,-tools}-20231205-1.el9.{x86_64,aarch64}.rpm -
Libnk2 is a library and tools to access Microsoft Outlook Nickfile (NK2) format files.
python3-dfdatetime-20231205-1.{fc37,fc38,fc39}.noarch.rpm -
dfDateTime, or Digital Forensics Date and Time, provides date and time objects to preserve accuracy and precision.
dfwinreg-20231205-1.{fc37,fc38,fc39}.x86_64.rpm -
DFWinreg, or Digital Forensics Windows Registry, provides read-only access to Windows Registry objects.
The goal of dfWinReg is to provide a generic interface for accessing Windows Registry objects that resembles the Registry key hierarchy as seen on a live Windows system.
snort-3.1.76.0-1.{fc36,fc37,fc38,fc39,el8}.x86_64.rpm and snort-3.1.76.0-1.el9.{x86_64,aarch64}.rpm -
Snort is an open source network intrusion detection system, capable of performing real-time traffic analysis and packet logging on IP networks.
It can perform protocol analysis, content searching/matching and can be used to detect a variety of attacks and probes, such as buffer overflows,
stealth port scans, CGI attacks, SMB probes, OS fingerprinting attempts, and much more.
libpff{,-devel,-python3,-tools}-20231205-1.{fc36,fc37,fc38,fc39,el8,amzn2}.x86_64.rpm, libpff{,-devel,-python36,-tools}-20231205-1.el7.x86_64.rpm, and libpff{,-devel,-python3,-tools}-20231205-1.el9.{x86_64,aarch64}.rpm -
Libpff is a library and tools to access the Personal Folder File (PFF) and the Offline Folder File (OFF) format.
libfwevt{,-devel,-python3,-static}-20231119-1.{fc36,,fc37,fc38,fc39,el8,amzn2}.x86_64.rpm, libfwevt{,-devel,-static,-python3}-20231119-1.el9.{x86_64,aarch64}.rpm, and libfwevt{,-devel,-python36,-static}-20231119-1.el7.x86_64.rpm -
Libfwevt is a library for Windows XML Event Log (EVTX) data types.
Note: this is a library only - there are no tools provided by these packages.
libexe{,-devel,-python3,-tools}-20231120-1.{fc36,fc37,fc38,fc39,el8,amzn2}.x86_64.rpm, and libexe{,-devel,-python36,-tools}-20231120-1.el7.x86_64.rpm, and libexe{,-devel,-python3,-tools}-20231120-1.el9.{x86_64,aarch64}.rpm -
Libexe is a library and tools to access the executable (EXE) format.
libfcrypto{,-devel,-python3,-static}-20231120-1.{fc36,fc37,fc38,fc39,el8,amzn2}.x86_64.rpm, libfcrypto{,-devel,-python36,-static}-20231120-1.el7.x86_64.rpm, and libfcrypto{,-devel,-python3,-static}-20231120-1.el9.{x86_64,aarch64}.rpm -
Libfcrypto is a library for encryption formats.
python3-dfvfs-20231205-1.{fc37,fc38,fc39}.noarch.rpm -
dfVFS, the Digital Forensics Virtual File System, provides read-only access to file-system objects from various storage media types and file formats.
pfring-8.7.0-8708.x86_64.rpm -
PF_Ring is a new type of network socket that dramatically improves the packet capture speed.
This package contains header files and libraries, among other files, to support the PF_Ring network socket.
Here is the announcement of PF_Ring 7.8.
pfring-dkms-8.7.0.8708-dkms.noarch.rpm -
PF_Ring is a new type of network socket that dramatically improves the packet capture speed.
This package conains the code and supporting files needed to create the PF_Ring kernel module.
ndpi-4.9.0-4497.x86_64.rpm -
ndpi is an open source LGPLv3 library for deep-packet inspection.
lime-kernel-modules-fc39-x86_64-1.9.1-4.noarch.rpm -
Support for the following kernels were added for LiME:
6.3.3-200 for FC39
fmem-kernel-modules-fc39-x86_64-1.6-1.4.noarch.rpm -
Support for the following kernels were added for Fmem:
6.6.3-200 for FC39
lime-kernel-modules-fc38-x86_64-1.9.1-22.noarch.rpm -
Support for the following kernels were added for LiME:
6.6.3-100 for FC38
fmem-kernel-modules-fc38-x86_64-1.6-1.22.noarch.rpm -
Support for the following kernels were added for Fmem:
6.6.3-100 for FC38
lime-kernel-modules-el9-{x86_64,aarch64}-1.9.1-37.noarch.rpm -
Support for the following kernels were added for LiME for both the x86_64 and aarch64 architectures:
5.14.0-390 for EL9
fmem-kernel-modules-el9-{x86_64,aarch64}-1.6-1.37.noarch.rpm -
Support for the following kernels were added for Fmem for both the x86_64 and aarch64 architectures: