Volatility3-2.4.0-1.{fc34,fc35,fc36,el7,el8,amzn2}.x86_64.rpm and Volatility3-2.4.0-1.el9.{aarch64,x86_64}.rpm -
Volatility 3 is a completely open collection of tools,
implemented in Python under the Volatility Software License,
for the extraction of digital artifacts from volatile memory (RAM) samples.
The full documentation for this version of Volatility can be found here.
This release is patched as of 2022-09-23.
python3-certifi-2022.9.24.1-1.{el8,amzn2}.noarch.rpm and python36-2022.9.24.1.8-1.el7.noarch.rpm -
Certifi is a carefully curated collection of Root Certificates for validating the trustworthiness of SSL certificates while verifying the identity of TLS hosts.
python3-dfdatetime-20220925-1.{fc34,fc35,fc36,el8,el9,amzn2}.noarch.rpm -
dfDateTime, or Digital Forensics Date and Time, provides date and time objects to preserve accuracy and precision.
libevtx{,-devel,-python3,-tools}-20220724-1.{fc34,fc35,fc36,el8,amzn2}.x86_64.rpm, libevtx{,-devel,-python3,-tools}-20220724-1.el9.{aarch64,x86_64}.rpm, and libevtx{,-devel,-python36,-tools}-20220724-1.el7.x86_64.rpm -
Libevtx contains libraries and tools to access the Windows XML Event Log (EVTX) format files.
libfsext{,-devel,-python3,-tools}-20220829-1.{fc34,fc35,fc36,el8,amzn2}.x86_64.rpm, libfsext{,-devel,-python3,-tools}-20220829-1.el9.{aarch64,x86_64}.rpm, and libfsext{,-devel,-python36,-tools}-20220829-1.el7.x86_64.rpm -
Libfsext is a library and tools to access the Extended File System (EXT).
libfsfat{,-devel,-python3,-tools}-20220925-1.{fc34,fc35,fc36,el8,amzn2}.x86_64.rpm, libfsfat{,-devel,-python3,-tools}-20220925-1.el9.{aarch64,x86_64}.rpm, and libfsfat{,-devel,-python36,-tools}-20220925-1.el7.x86_64.rpm -
Libfsfat is a library and tools to access the file Allocation Table (FAT) file system format.
libfshfs{,-devel,-python3,-tools}-20220831-1.{fc34,fc35,fc36,el8,amzn2}.x86_64.rpm, libfshfs{,-devel,-python3,-tools}-20220831-1.el9.{aarch64,x86_64}.rpm, and libfshfs{,-devel,-python36,-tools}-20220831-1.el7.x86_64.rpm -
Libfshfs is a library and tools to access the Hierarchical File System (HFS).
libfsxfs{,-devel,-python3,-static,-tools}-20220829-1.{fc34,fc35,fc36,el8,amzn2}.x86_64.rpm, libfsxfs{,-devel,-python3,-static,-tools}-20220829-1.el9.{aarch64,x86_64}.rpm, and libfsxfs{,-devel,-python36,-static,-tools}-20220829-1.el7.x86_64.rpm -
Libfsxfs contains library and tools to access the SGI X File System (XFS).
libfvde{,-devel,-python3,-tools}-20220915-1.{fc34,fc35,fc36,el7,el8,amzn2}.x86_64.rpm, libfvde{,-devel,-python3,-tools}-20220915-1.el9.{aarch64,x86_64}.rpm, and libfvde{,-devel,-python36,-tools}-20220915-1.el7.x86_64.rpm -
Libfvde is a library and tools to access FileVault Drive Encryption (FVDE) (or FileVault2) encrypted volumes.
The FVDE format is used by Mac OS X, as of Lion, to encrypt data on a storage media volume.
python3-dfvfs-20220917-1.{fc34,fc35,fc36,el8,el9,amzn2}.noarch.rpm -
dfVFS, the Digital Forensics Virtual File System, provides read-only access to file-system objects from various storage media types and file formats.
python3-lz4-4.0.2-1.el9.{aarch64,x86_64}.rpm -
LZ4 contains the python bindings for the lz4 compression library.
python{2,36}-psutil-5.9.2-1.el7.x86_64.rpm -
Python-psutil is a cross-platform library for retrieving information onrunning processes and system utilization (CPU, memory, disks, network) in Python.
snort-3.1.42.0-1.{fc34,fc35,fc36,el8}.x86_64.rpm and snort-3.1.42.0-1.el9.{x86_64,aarch64}.rpm -
Snort is an open source network intrusion detection system, capable of performing real-time traffic analysis and packet logging on IP networks.
It can perform protocol3analysis, content searching/matching and can be used to detect a variety of attacks and probes, such as buffer overflows,
stealth port scans, CGI attacks, SMB probes, OS fingerprinting attempts, and much more.
See here for the list of changes.
pfring-8.3.0-7842.{el7,el8,amzn2}.x86_64.rpm -
PF_Ring is a new type of network socket that dramatically improves the packet capture speed.
This package contains header files and libraries, among other files, to support the PF_Ring network socket.
Here is the announcement of PF_Ring 7.8.
pfring-dkms-8.3.0.7842-7842.{el7,el8,amzn2}.noarch.rpm -
PF_Ring is a new type of network socket that dramatically improves the packet capture speed.
This package conains the code and supporting files needed to create the PF_Ring kernel module.
ndpi-4.5.0-3965.{el7,el8,amzn2}.x86_64.rpm -
ndpi is an open source LGPLv3 library for deep-packet inspection.
lime-kernel-modules-fc36-x86_64-1.9.1-17.noarch.rpm -
Support for the following kernels were added for LiME:
5.19.11-200 for FC36
5.19.10-200 for FC36
fmem-kernel-modules-fc36-x86_64-1.6-1.17.noarch.rpm -
Support for the following kernels were added for Fmem:
5.19.11-200 for FC36
5.19.10-200 for FC36
lime-kernel-modules-fc35-x86_64-1.9.1-41.noarch.rpm -
Support for the following kernels were added for LiME:
5.19.11-100 for FC35
5.19.10-100 for FC35
fmem-kernel-modules-fc35-x86_64-1.6-1.41.noarch.rpm -
Support for the following kernels were added for Fmem: