Tumblelog by Soup.io
Newer posts are loading.
You are at the newest post.
Click here to check if anything new just came in.

The #newinjessie game: new forensic packages in Debian/jessie

Repeating what I did last year with the #newinwheezy game it’s time for the #newinjessie game:

Debian/jessie AKA Debian 8.0 includes a bunch of packages for people interested in digital forensics. The packages maintained within the Debian Forensics team which are new in the Debian/jessie stable release as compared to Debian/wheezy (and ignoring wheezy-backports):

  • ext4magic: recover deleted files from ext3 or ext4 partitions
  • libbfio1: Library to provide basic input/output abstraction
  • lime-forensics-dkms: kernel module to memory dump
  • mac-robber: collects data about allocated files in mounted filesystems
  • pff-tools: library to access various ms outlook files formats/tools to exports PAB, PST and OST files
  • ssdeep: Recursive piecewise hashing tool (note: was present in squeeze but not in wheezy)
  • volatility: advanced memory forensics framework
  • yara: help to identify and classify malwares

Join the #newinjessie game and present packages which are new in Debian/jessie.

Don't be the product, buy the product!

Schweinderl