plaso-20211024-2.{fc33,fc34,fc35,el7,el8}.x86_64.rpm -
Plaso is the Python-based back-end engine used by tools such as
log2timeline for automatic creation of super timelines.
The goal of log2timeline.py (and thus plaso) is to provide a single tool that can parse various log files and forensic artifacts from computers
and related systems, such as network equipment, to produce a single correlated timeline.
This timeline can then be easily analysed by forensic investigators/analysts, speeding up investigations by correlating the vast amount of information found on an average computer system.
Details of this update are available here.
Note: For CentOS/RHEL 7 and 8, Plaso now runs in a Python virtual environment.
The Fedora version is unchanged in this release.
python3-elasticsearch-7.16.1-1.{fc33,fc34,fc35,el8}.x86_64.rpm and python36-elasticsearch-7.16.1-1.el7.x86_64.rpm -
This package is the official low-level Python client for Elasticsearch.
Its goal is to provide common ground for all Elasticsearch-related code in Python; because of this it tries to be opinion-free and very extendable.
ghidra-10.1-PUBLIC_20211210.1.{fc33,fc34,fc35,el7,el8}.x86_64.rpm -
Ghidra is a software reverse engineering (SRE) framework created and maintained by the National Security Agency Research Directorate.
This framework includes a suite of full-featured, high-end software analysis tools that enable users to analyze compiled code on a variety of platforms
including Windows, macOS, and Linux. Capabilities include disassembly, assembly, decompilation, graphing, and scripting, along with hundreds of other features.
Ghidra supports a wide variety of processor instruction sets and executable formats and can be run in both user-interactive and automated modes.
Users may also develop their own Ghidra plug-in components and/or scripts using Java or Python.
See the list of changes and improvements here.
pfring-8.0.0-7140.{el7,el8}.x86_64.rpm -
PF_Ring is a new type of network socket that dramatically improves the packet capture speed.
This package contains header files and libraries, among other files, to support the PF_Ring network socket.
Here is the announcement of PF_Ring 7.8.
pfring-dkms-8.0.0.7140-7140.{el7,el8}.noarch.rpm -
PF_Ring is a new type of network socket that dramatically improves the packet capture speed.
This package contains the code and supporting files needed to create the PF_Ring kernel module.
ndpi-4.0.0-3453.{el7,el8}.x86_64.rpm -
ndpi is an open source LGPLv3 library for deep-packet inspection.
lime-kernel-modules-fc35-x86_64-1.9.1-6.noarch.rpm -
Support for the following kernels was added for LiME:
5.15.7-200 for FC35
fmem-kernel-modules-fc35-x86_64-1.6-1.6.noarch.rpm -
Support for the following kernels was added for Fmem:
5.15.7-200 for FC35
fmem-kernel-modules-fc34-x86_64-1.6-1.29.noarch.rpm -
Support for the following kernels was added for Fmem:
5.15.7-100 for FC34
lime-kernel-modules-fc34-x86_64-1.9.1-29.noarch.rpm -
Support for the following kernels was added for LiME: