Line 4: | Line 4: |
||missidentify||Search win32 executables without an legacy extension||http://missidentify.sourceforge.net/||Todo|| || | ||missidentify ||Search win32 executables without an legacy extension ||http://missidentify.sourceforge.net/ ||Wip|| || |
This is the TODO list of packages for the Debian-forensics project.
Packages to debianize for the Debian Forensics project

||Name||Short Description||Website||Status||Remarks||
||missidentify||Search Win32 executables without a legacy extension||http://missidentify.sourceforge.net/||Wip|| ||
||ssdeep||Piecewise hashing|| ||Done|| ||
||memdump||Memory dumper|| ||Done|| ||
||afflib||Advanced forensic format libraries and tools|| ||Todo||The sleuthkit uses this library||
||libewf||Library and tools to use the EyeWitness Encase file format|| ||Todo||guymager uses a special version of this library||
||recoverdm||Damaged media recovery tool|| ||Done|| ||
||air||A GUI frontend to dd and dcfldd|| ||Todo|| ||
||dd_rhelp||A bash script to help in the use of dd_rescue|| ||Todo|| ||
||safecopy||A data recovery tool|| ||Todo|| ||
||myrescue||Another data recovery tool|| ||Done|| ||
||ftimes||System baselining and evidence collection tool|| ||Todo|| ||
||md5deep||A recursive hasher|| ||Todo|| ||
||pyflag||A forensic analysis tool with a GUI|| ||Todo|| ||
||setmax||A tool to play with HPA/DCO|| ||Todo|| ||
||scroungentfs||Data recovery program for NTFS file systems|| ||Todo|| ||
||dc3dd||Patched version of GNU dd for forensics purposes|| ||Done|| ||
||fat-gundel||Restores deleted JPEG images from your digital camera's storage chip|| ||Todo|| ||
||fatundel||Undelete files from FAT|| ||Todo|| ||
||fatback||Undelete files from FAT|| ||Todo|| ||
||nepenthes||A low interaction honeypot|| ||Todo|| ||
||amun||A Python low interaction honeypot|| ||Todo|| ||
||pgpcrack||A tool to try to brute force PGP encrypted files||http://www.nic.funet.fi/index/crypt/mirrors/utopia/pgp/utils/pgpcrack/||Done|| ||
||Hydra||A very fast network logon cracker|| ||Todo|| ||
||lcrack||Generic password cracker|| ||Todo|| ||
||revit||A smart file carver|| ||Todo|| ||
||foregone.pl||A carver in Perl "a la foremost"|| ||Todo|| ||
||recoverphotos||A carver for JPEG and CR2 files|| ||Done|| ||
||grepj-fat||A JPEG recovery tool|| ||Todo|| ||
||bar||A small shell script progress bar|| ||Todo|| ||
||pipebench||A pipe progress indicator|| ||Done|| ||
||pipemeter||A pipe throughput measurement tool|| ||Done|| ||
||pipeworks||Benchmarking tool for pipelines|| ||Todo|| ||
||reglookup||A tool to explore the Win32 registry|| ||Todo|| ||
||regp.pl||An offline registry parser||http://sourceforge.net/project/showfiles.php?group_id=164158||Todo|| ||
||parse::win32registry||A very well done Perl library to parse offline Win32 registry||http://search.cpan.org/~jmacfarla/Parse-Win32Registry-0.30/lib/Parse/Win32Registry.pm||Todo|| ||
||hed||Hexadecimal editor|| ||Todo|| ||
||shed||Hex editor|| ||Todo|| ||
||biew||Hex editor and disassembler|| ||Todo|| ||
||heme||Another hex editor|| ||Todo|| ||
||dumpautocomplete||Dump autocompleted fields of Firefox||http://www.foundstone.com/us/resources/proddesc/DumpAutoComplete.htm||Todo|| ||
||bhv||Browser history viewer|| ||Todo|| ||
||grokevt||Tools to read and reassemble Windows event logs|| ||Todo|| ||