This is the TODO list of packages for the Debian-forensics project.
Todo: needs packaging
Done: available in the Debian repositories
Wip: Work In Progress
ToRel: to be released (in the Git repository)
Packages to debianize for the Debian Forensics project

| Name | Short Description | Website | Status | Remarks |
|---|---|---|---|---|
| afflib | Advanced forensic format libraries and tools | | Wip | The sleuthkit uses this library |
| libewf | Library and tools to use the EyeWitness Encase file format | | Todo | guymager uses a special version of this library |
| air | A GUI frontend to dd and dcfldd | | Todo | |
| dd_rhelp | A bash script to help in the use of dd_rescue | | Todo | |
| safecopy | A data recovery tool | | Done | |
| ftimes | System baselining and evidence collection tool | | Todo | |
| md5deep | A recursive hasher | | Todo | |
| pyflag | A forensic analysis tool with a GUI | | Todo | |
| setmax | A tool to play with HPA/DCO | | Todo | |
| dc3dd | Patched version of GNU dd for forensics purposes | | Done | |
| fat-gundel | Restores deleted JPEG images from your digital camera's storage chip | | Todo | |
| fatundel | Undelete files from FAT | | Todo | |
| fatback | Undelete files from FAT | | ToRel | |
| nepenthes | A low interaction honeypot | | Todo | |
| amun | A Python low interaction honeypot | | Todo | |
| pgpcrack | A tool to try to brute force PGP encrypted files | http://www.nic.funet.fi/index/crypt/mirrors/utopia/pgp/utils/pgpcrack/ | Done | |
| Hydra | A very fast network logon cracker | | Todo | |
| lcrack | Generic password cracker | | Todo | |
| revit | A smart file carver | | Todo | |
| foregone.pl | A carver in Perl "a la foremost" | | Todo | |
| recoverphotos | A carver for JPEG and CR2 files | | Done | |
| grepj-fat | A JPEG recovery tool | | Todo | |
| bar | A small shell script progress bar | | Todo | |
| pipemeter | A pipe throughput measurement tool | | Todo | |
| pipeworks | Benchmarking tool for pipelines | | Todo | |
| regp.pl | An offline registry parser | http://sourceforge.net/project/showfiles.php?group_id=164158 | Todo | |
| Parse::Win32Registry | A very well done Perl library to parse offline win32 registry | http://search.cpan.org/~jmacfarla/Parse-Win32Registry-0.30/lib/Parse/Win32Registry.pm | Todo | |
| hed | Hexadecimal editor | | Todo | |
| shed | Hex editor | | Done | |
| biew | Hex editor and disassembler | | Todo | |
| heme | Another hex editor | | Todo | |
| dumpautocomplete | Dump autocompleted fields of Firefox | http://www.foundstone.com/us/resources/proddesc/DumpAutoComplete.htm | Todo | |
| bhv | Browser history viewer | | Todo | |
| regripper | An offline Windows registry forensics analysis tool that depends on Perl Parse::Win32Registry | | Todo | |
| msnshadow | A forensic tool to extract MSN traffic from pcap files | | Todo | |