libphdi{,-devel,-python3,-tools}-20220301-1.{fc33,fc34,fc35,el8,amzn2}.x86_64.rpm and libphdi{,-devel,-python36,-tools}-20220301-1.el7.x86_64.rpm -
Libphdi is a library to access the Parallels Hard Disk image format.
python3-xlsxwriter-3.0.3-1.amzn2.noarch.rpm and python36-xlsxwriter-3.0.3-1.el7.noarch.rpm -
XlsxWriter is a Python module for writing files in the Excel 2007+ XLSX file format.
Volatility3-2.0.2-1.{fc33,fc34,fc35,el7,el8,amzn2}.x86_64.rpm -
Volatility 3 is a completely open collection of tools,
implemented in Python under the Volatility Software License,
for the extraction of digital artifacts from volatile memory (RAM) samples.
This release is patched as of 2022-03-03.
python3-pyfixbuf-0.9.0-1.{fc31,fc32,fc33,el8,amzn2}.x86_64.rpm and python36-pyfixbuf-0.9.0-1.el7.x86_64.rpm -
Pyfixbuf is a Python API for libfixbuf,
an implementation of the IPFIX protocol used for building, collecting, and exporting processes.
Pyfixbuf can be used to write applications, often called mediators, that collect and export IPFIX.
Mediators are useful in modifying, filtering, or adding to the contents of a message before forwarding to another
IPFIX collection point, or converting IPFIX to another format (text, database, JSON, etc.).
silk-{analysis,common,devel,flowcap,rwflowappend,rwflowpack,rwpollexec,rwreceiver,rwsender}-3.19.2-1.{fc33,fc34,fc35,el7,el8,amzn2}.x86_64.rpm and -
SiLK is the System for Internet-Level Knowledge, a collection of
traffic analysis tools developed by the CERT Network Situational Awareness Team (CERT NetSA) to facilitate security analysis of large networks.
See here for a list of changes in this version.
silk-{analysis,common,devel,flowcap,rwflowappend,rwflowpack,rwpollexec,rwreceiver,rwsender}-3.19.2-2.{fc33,fc34,fc35,el7,el8,amzn2}.x86_64.rpm -
This release of the SiLK tools can be found in an optional repository that is now part of
cert-forensics-tools-release named forensics-sip, the definition of which can be found in /etc/yum.repos.d/cert-forensics-tools.repo.
This repository is disabled by default and can be enabled by running the script named /usr/bin/EnableSilkWithIPA as root.
Brim-0.28.0.rpm -
Brim is an open source desktop application for security and network specialists.
Brim makes it easy to search and analyze data from:
packet captures, like those created by Wireshark, and
structured logs, especially from the Zeek network analysis framework.
Brim is especially useful to security and network operators who need to handle large packet captures, particularly those that are cumbersome for Wireshark, tshark, or other packet analyzers.
pfring-8.0.0-7280.{el7,el8,amzn2}.x86_64.rpm -
PF_Ring is a new type of network socket that dramatically improves the packet capture speed.
This package contains header files and libraries, among other files, to support the PF_Ring network socket.
Here is the announcement of PF_Ring 7.8.
pfring-dkms-8.0.0.7280-7280.{el7,el8,amzn2}.noarch.rpm -
PF_Ring is a new type of network socket that dramatically improves the packet capture speed.
This package contains the code and supporting files needed to create the PF_Ring kernel module.
ndpi-4.2.0-3575.{el7,el8,amzn2}.x86_64.rpm -
ndpi is an open source LGPLv3 library for deep-packet inspection.
lime-kernel-modules-fc35-x86_64-1.9.1-17.noarch.rpm -
Support for the following kernels was added for LiME:
5.16.12-200 for FC35
5.16.11-200 for FC35
5.16.10-200 for FC35
fmem-kernel-modules-fc35-x86_64-1.6-1.17.noarch.rpm -
Support for the following kernels was added for Fmem:
5.16.12-200 for FC35
5.16.11-200 for FC35
5.16.10-200 for FC35
fmem-kernel-modules-fc34-x86_64-1.6-1.40.noarch.rpm -
Support for the following kernels was added for Fmem:
5.16.12-100 for FC34
5.16.11-100 for FC34
5.16.10-100 for FC34
lime-kernel-modules-fc34-x86_64-1.9.1-40.noarch.rpm -
Support for the following kernels was added for LiME: