Jump to letter: [ 2ABCDEFGHJKLMNOPRSTUVXYZ ]

applications/forensics tools

• 2hash - Simultaneously perform an MD5 and SHA1 checksum on files
• BEViewer - BEViewer - GUI for bulk_extractor
• CERT-Forensics-Tools - Meta package that includes all of the CERT Forensics Tools
• DropboxReader - DropboxReader
• Volatility - Tools for the extraction of digital artifacts from volatile memory (RAM) images
• cryptcat - Netcat with encryption
• dff - dff - open source digital investigation framework
• distorm3 - distorm3 - binary stream disassembler library
• eindeutig - Parse Outlook Express DBX files
• epub - Extract thumbnails and associated metadata from the Thumbs.db files
• fatback - Undelete files from FAT file systems
• fiwalk - fiwalk - find and extract files of a given type
• fmem-kernel-objects - This package contains all of the kernel objects for all of the kernels for the currently supported versions of Fedora in the CERT Linux Repository.
• fred - Microsoft registry hive editor
• galleta - Examine the contents of cookie files
• ghostpdl - Artifex Software's implementation of the PCL-5™ and PCL-XL™ family of page description languages
• grokevt - Read and process Windows Event Files
• guymager - Imager for forensic media acquisition
• hachoir-core - Library for carving binary files
• hachoir-metadata - Extracts metadata from multimedia files
• hachoir-parser - File format parser fo hachoir suite
• hachoir-regex - A Python library for regular expression (regex or regexp) manupulation
• hachoir-subfile - A tool based on hachoir-parser to find subfiles in any binary stream
• hachoir-urwid - A binary file explorer based on Hachoir library to parse the files
• hachoir-wx - A wxWidgets-based program that provides a user-friendly interface to hachoir-parser
• libguytools - A small programming toolbox
• libpff - libpff - Library to access the PFF and the OFF format
• md5deep - Programs to compute MD5, SHA-1, or SHA-256 message digests on files
• missidentify - Find Win32 applications
• mount_ewf - mount files in Expert Witness Format using loopback file system
• nDPI - Open source deep packet inspection
• pasco - Reconstruct IE internet activity
• ptfinder - Find processes and threads in a Windows memory dump
• ptk - An alternative advanced interface for the suite TSK (The SleuthKit)
• python-xlwt - python-xlwk - a library to generate spreadsheet files compatible with Microsoft Excel versions 95 to 2003
• pytsk - pytsk - Python binding for The Sleuth Kit
• registrydecoder - registrydecoder - automates acquisition, analysis, and reporting of Microsoft Windows registry contents.
• reglookup - Windows NT registry reader/lookup tool
• regripper - A Windows Registry data extraction and correlation tool
• regripper-plugins - Plugins for regripper
• rifiuti - Examine the contents of INFO2 in the Windows Recycle bin
• rifiuti2 - Examine the contents of INFO2 in the Windows Recycle bin
• sfdumper - A Selective File Dumper program built on top of the Sleuthkit
• snort-sample-rules - Sample rules for snort
• ssdeep - Computes a checksum based on context triggered piecewise hashes
• videosnarf - Output detected media sessions
• vinetto - Extract thumbnails and associated metadata from the Thumbs.db files
• xplico - Internet traffic decoder and network forensic analysis tool
• yara - yara - find files matching patterns and rules written in a special-purpose language
• yara-python - yara-python - Python extension that gives access to YARA from Python scripts

Listing created by Repoview-0.6.5-1.el5