lime-kernel-modules-fc20-{i686,x86_64}-1.1.r17-11.noarch.rpm - Support for the following kernels was added for
LiME:
3.16.2-200 for FC20
fmem-kernel-modules-fc20-{i686,x86_64}-1.6-1.11.noarch.rpm - Support for the following kernels was added for
Fmem:
3.16.2-200 for FC20
dff-1.3.0.20140123-2.{fc17,fc18,fc19,fc20,el7}.{i686,x86_64}.rpm - The Digital Forensics Framework (DFF)
is both a digital investigation tool and a development platform.
The framework is used by system administrators, law enforcement examiners, digital forensics researchers and students, and security professionals world-wide.
Written in Python and C++, it exclusively uses Open Source technologies.
DFF combines an intuitive user interface with a modular and cross-platform architecture.
This version is the developer version as of January 23, 2014.
The changes were to add missing dependencies, specifically PyQt4-webkit for CentOS/RHEL 7
and python-poppler-qt4 for all supported architectures.
python-poppler-qt4-0.16.2-8.el7.x86_64.rpm - Python-poppler-qt4 is a Python
interface to the Poppler Qt4 interface library, libpoppler-qt4, which is a library that allows Qt4 programmers to easily load and render
PDF files.
The Poppler Qt4 interface library uses poppler internally to do its job, but the Qt4 programmer will never have to worry about poppler internals.
analysis-pipeline-4.4-1.{fc17,fc18,fc9,fc20,el5,el6}.{i686,x86_64}.rpm and analysis-pipeline-4.4-1.el7.x86_64.rpm -
The analysis-pipeline
processes SiLK Flow records, and its goals are to automate common tasks, to get closer to "real-time" reporting of events, and to feed interesting data to a security information and event manager (SIEM).
See here for the changes in this release.
libevtx{,-devel,-python,-tools}-20140901-1.{fc17,fc18,fc19,fc20,el5,el6}.{i686,x86_64}.rpm and libevtx-{,devel,python,tools}-20140901-1.el7.x86_64.rpm -
Libevtx contains libraries and tools
to access the Windows XML Event Log (EVTX) format files.
See here for the list of changes.
libfvde{,-devel,-tools}-20140907-1.{fc17,fc18,fc9,fc20,el5,el6}.{i686,x86_64}.rpm and libfvde{,-devel,-tools}-20140907-1.el7.x86_64.rpm -
Libfvde is a library and tools to access FileVault Drive
Encryption (FVDE) (or FileVault2) encrypted volumes. The FVDE format is used by Mac OS X, as of Lion, to encrypt data on a storage media volume.
Here are the changes from the last version (20130305):
exposed some encryption context plist functions in API
updated dependencies
updated msvscpp files, not operational yet
worked on libcthreads build support
liblnk{,-devel,-python,-tools}-20140905-1.{fc17,fc18,fc19,fc20,el5,el6}.{i686,x86_64}.rpm and liblnk{,-devel,-python,-tools}-20140905-1.el7.x86_64.rpm -
liblnk contains libraries and tools
to access Windows Shortcut File (LNK) format files.
Here are the changes from the last version (20140731):
updated libfwsi version check
bug fix in Python-bindings
worked on property store data block support
libregf{,-devel,-python,-tools}-20140905-1.{fc17,fc18,fc19,fc20,el5,el6}.{i686,x86_64}.rpm and libregf{,-devel,-python,-tools}-20140905-1.el7.x86_64.rpm -
libregf contains libraries and tools to access files in the Windows NT Registry File format.
Here are the changes from the last version (20140803):
updated libfwsi version check
bug fix in Python-bindings
code clean
ssdeep-2.11-1.{fc17,fc18,fc19,fc20,el5,el6,el7}.{i686,x86_64}.rpm - Ssdeep is a program for computing context triggered
piecewise hashes (CTPH), also called fuzzy hashes. See here for the list of changes.
xplico-1.1.0-2.{fc17,el6}.{i686,x86_64}.rpm - xplico is an Internet traffic decoder.
This release was rebuilt to work under CentOS/RHEL 7. All other supported systems were upgraded for release version consistency.
Note that RHEL/CentOS 5 is not supported due to a lack of Python Version 3 support.
bulk_extractor-1.5.5-1.{fc17,fc18,fc19,fc20,el6,el7}.{i686,x86_64}.rpm -
bulk_extractor is a C++ program that scans a disk image, a file, or a directory of files and extracts useful information without
parsing the file system or file system structures. The results are stored in feature files that can be easily inspected, parsed, or
processed with automated tools. bulk_extractor also creates histograms of features that it finds, as features that are more
common tend to be more important. This version fixes many issues. In addition, it also contains the BEViewer GUI front-end for bulk_extractor.
Note that this release of bulk_extractor is not available for CentOS/RHEL 5 due to an outdated version of flex for that OS.