Differences between revisions 44 and 45
Revision 44 as of 2009-08-11 14:37:28
Size: 5409
Comment: update hydra status information
Revision 45 as of 2009-08-11 14:57:02
Size: 5494
Comment: update status of bar
Line 17: Line 17:
||bar ||A small shell script progress bar ||http://www.theiling.de/projects/bar.html || note by mika: no release since 2007, though upstream's tarball provides debian/ (being outdated but works) ||
Line 47: Line 48:
||bar ||A small shell script progress bar ||http://www.theiling.de/projects/bar.html || mika is working on it ||

This is the TODO list of packages for the Debian-forensics project.

Todo: needs packaging

Wip: Work In Progress

ToRel: to be released (in GIT repository)

Done: available on Debian repositories

Todo

Packages to debianize for the Debian Forensics project

||Name ||Short Description ||Website ||Remarks ||
||air ||A GUI frontend to dd and dcfldd ||http://air-imager.sourceforge.net/ || ||
||amun ||A python low interaction honeypot ||http://zero.ram.rwth-aachen.de/amun/download.php || ||
||bar ||A small shell script progress bar ||http://www.theiling.de/projects/bar.html || note by mika: no release since 2007, though upstream's tarball provides debian/ (being outdated but works) ||
||bhv ||Browser history viewer ||http://dev.mmgsecurity.com/projects/bhv/ || ||
||biew ||Hex editor and disassembler ||http://biew.sourceforge.net/en/biew.html || see #460636 ||
||catfs ||A tool to virtually concatenate split files into one using FUSE ||http://sourceforge.net/projects/catfs/ || ||
||dumpautocomplete ||Dump autocompleted fields of firefox ||http://www.foundstone.com/us/resources/proddesc/DumpAutoComplete.htm || ||
||fat-gundel ||restores deleted JPEG images from your digital camera's storage chip ||http://freshmeat.net/projects/fat-gundel/ || Broken link (it is only available in OpenSuSE) ||
||fatundel ||Undelete files from FAT ||http://synfin.net/fatundel/ || ||
||foregone.pl ||A carver in perl "a la foremost" ||http://www.secureworks.com/research/tools/foregone.html || ||
||grepj-fat ||A jpeg recovery tool ||http://www.guzu.net/linux/various.php#gepj-fat || ||
||hed ||Hexadecimal editor ||http://pasky.or.cz/~pasky/dev/hed/ || ||
||heme ||Another hex editor ||http://heme.sourceforge.net/ || ||
||hydra ||A very fast network logon cracker ||http://freeworld.thc.org/thc-hydra/ || note by mika: packaging is easy, but the license is not a clean GPL one -> not distributable for Debian ||
||lcrack ||Generic password cracker ||http://usuarios.lycos.es/reinob/ || ||
||libpff ||Library and tools to access the Personal Folder File (PFF) and the Offline Folder File (OFF) format ||http://sourceforge.net/projects/libpff/ || ||
||msnshadow ||A forensic tool to extract MSN traffic from pcap files ||http://sourceforge.net/projects/msnshadow || ||
||parse::win32registry ||A very well done perl library to parse offline win32 registry ||http://search.cpan.org/~jmacfarla/Parse-Win32Registry-0.30/lib/Parse/Win32Registry.pm || ||
||pipemeter ||A pipe throughput measurement tool ||http://spamaps.org/pipemeter.php || ||
||pipeworks ||Benchmarking tool for pipelines ||http://sourceforge.net/projects/pipeworks/ || ||
||pyflag ||A forensic analysis tool with a GUI ||http://www.pyflag.net/ || ||
||regripper ||An offline windows registry forensics analysis tool that depends on perl parse::win32registry ||http://www.regripper.net/ || ||
||revit ||A smart file carver ||https://www.uitwisselplatform.nl/projects/revit || ||
||regp.pl ||An offline registry parser ||http://sourceforge.net/project/showfiles.php?group_id=164158 || ||
||setmax ||A tool to play with HPA/DCO ||http://www.win.tue.nl/~aeb/linux/setmax.c || ||
||sslstrip ||A tool for improving HTTP MITM attacks by stripping out redirections to SSL ||http://www.thoughtcrime.org/software/sslstrip/index.html || ||

Wip

Packages which are Wip for the Debian Forensics project

||Name ||Short Description ||Website ||Remarks ||
||dc3dd ||Patched version of GNU dd for forensics purposes ||http://dc3dd.sourceforge.net/ || ||
||ftimes ||System baselining and evidence collection tool ||http://ftimes.sourceforge.net/FTimes/index.shtml || ||
||dd_rhelp ||A bash script to help in the use of dd_rescue ||http://www.kalysto.org/utilities/dd_rhelp/index.en.html || mika: Debian packaging available at http://git.grml.org/?p=dd-rhelp.git ||
||sslsniff ||A tool for SSL MITM attacks ||http://www.thoughtcrime.org/software/sslsniff/ || apostols is working on it ||

ToRel

Packages to be released by the Debian Forensics project

||Name ||Short Description ||Website ||Remarks ||

Done

Packages which have been debianized for/by the Debian Forensics project

||Name ||Short Description ||Website ||Remarks ||
||afflib ||Advanced forensic format libraries and tools ||http://www.afflib.org/ || The sleuthkit uses this library ||
||fatback ||undelete files from FAT ||http://sourceforge.net/projects/fatback || ||
||libewf ||Library and tools to use the EyeWitness Encase file format ||https://www.uitwisselplatform.nl/projects/libewf/ || packaged as libewf1; guymager uses a special version of this library ||
||md5deep ||A recursive hasher ||http://md5deep.sourceforge.net/ || ||
||nepenthes ||A low interaction honeypot ||http://nepenthes.mwcollect.org/ || ||
||pgpcrack ||A tool to try to brute force pgp encrypted files ||http://www.nic.funet.fi/index/crypt/mirrors/utopia/pgp/utils/pgpcrack/ || ||
||recoverphotos ||A carver for jpeg and cr2 files ||http://turingmachine.org/~dmg/recoverPhotos/ || ||
||safecopy ||A data recovery tool ||http://safecopy.sourceforge.net/ || ||
||shed ||Hex editor ||http://shed.sourceforge.net/ || ||