[ Source: forensics-all  ]

Package: forensics-all (1.7)

Debian Forensics Environment - essential components (metapackage)

This package provides the core components for a forensics environment. All tools available here are packaged by the Debian Forensics Team. This metapackage includes most of the programs for data recovery, rootkit and exploit search, filesystem and memory analysis, image acquisition, volume inspection, special actions on hardware, and many other activities.

The following packages were included in this metapackage:

  aesfix, aeskeyfind, afflib-tools, bruteforce-salted-openssl, cewl,
  chaosreader, crack or crack-md5, dc3dd, dislocker, ed2k-hash,
  ewf-tools, exifprobe, ext3grep, ext4magic, extundelete, fcrackzip,
  forensics-colorize, galleta, gpart, grokevt, guymager, hashdeep,
  hashrat, mac-robber, magicrescue, memdump, metacam, missidentify,
  myrescue, nasty, pasco, pff-tools, pipebench, plaso, pompem,
  recoverdm, recoverjpeg, reglookup, rekall-core, rephrase, rifiuti,
  rifiuti2, rkhunter, rsakeyfind, safecopy, scalpel, scrounge-ntfs,
  shed, sleuthkit, ssdeep, steghide, tableau-parm, undbx, unhide,
  unhide.rb, vinetto, volatility, volatility-tools, winregfs, wipe,
  yara.

This package is useful for pentesters, ethical hackers and forensics experts.

Other Packages Related to forensics-all

  • depends
  • recommends
  • suggests
  • dep: aesfix
    tool for correcting bit errors in an AES key schedule
  • dep: aeskeyfind
    tool for locating AES keys in a captured memory image
  • dep: afflib-tools
    Advanced Forensics Format Library (utilities)
  • dep: bruteforce-salted-openssl
    try to find the passphrase for files encrypted with OpenSSL
  • dep: cewl
    custom word list generator
  • dep: chaosreader
    trace network sessions and export them to HTML format
  • dep: crack
    Password guessing program (crypt() variant)
    also a virtual package provided by crack-md5
    or crack-md5
    Password guessing program (MD5 variant)
  • dep: dc3dd
    patched version of GNU dd with forensic features
  • dep: dislocker
    read/write encrypted BitLocker volumes
  • dep: ed2k-hash
    tool for generating ed2k-links
  • dep: ewf-tools
    collection of tools for reading and writing EWF files
  • dep: exifprobe
    read metadata from digital pictures
  • dep: ext3grep
    tool to help recover deleted files on ext3 filesystems
  • dep: ext4magic
    recover deleted files from ext3 or ext4 partitions
  • dep: extundelete
    utility to recover deleted files from ext3/ext4 partitions
  • dep: fcrackzip
    password cracker for zip archives
  • dep: forensics-colorize
    show differences between files using color graphics
  • dep: galleta
    Internet Explorer cookie forensic analysis tool
  • dep: gpart
    Guess PC disk partition table, find lost partitions
  • dep: grokevt
    scripts for reading Microsoft Windows event log files
  • dep: guymager
    Forensic imaging tool based on Qt
  • dep: hashdeep
    recursively compute hashsums or piecewise hashings
  • dep: hashrat
    hashing tool supporting several hashes and recursivity
  • dep: mac-robber
    collects data about allocated files in mounted filesystems
  • dep: magicrescue
    recover files by looking for magic bytes
  • dep: memdump
    utility to dump memory contents to standard output
  • dep: metacam
    extract EXIF information from digital camera files
  • dep: missidentify
    find win32 applications
  • dep: myrescue
    rescue data from damaged disks
  • dep: nasty
    tool which helps you to recover your GPG passphrase
  • dep: pasco
    Internet Explorer cache forensic analysis tool
  • dep: pff-tools
    library to access various MS Outlook file formats
  • dep: pipebench
    measures the speed of stdin/stdout communication
  • dep: plaso
    super timeline all the things
  • dep: pompem
    Exploit and Vulnerability Finder
  • dep: recoverdm
    recover files on disks with damaged sectors
  • dep: recoverjpeg
    recover JFIF (JPEG) pictures and MOV movies
  • dep: reglookup
    utility for analysis of the Windows NT-based registry
  • dep: rekall-core
    memory analysis and incident response framework
  • dep: rephrase
    Specialized passphrase recovery tool for GnuPG
  • dep: rifiuti
    MS Windows recycle bin analysis tool
  • dep: rifiuti2
    replacement for rifiuti, a MS Windows recycle bin analysis tool
  • dep: rkhunter
    rootkit, backdoor, sniffer and exploit scanner
  • dep: rsakeyfind
    locates BER-encoded RSA private keys in memory images
  • dep: safecopy
    data recovery tool for problematic or damaged media
  • dep: scalpel
    fast filesystem-independent file recovery
  • dep: scrounge-ntfs
    Data recovery program for NTFS filesystems
  • dep: shed
    simple hex editor with a pico-style interface
  • dep: sleuthkit
    tools for forensics analysis on volume and filesystem data
  • dep: ssdeep
    recursive piecewise hashing tool
  • dep: steghide
    steganography hiding tool
  • dep: tableau-parm
    tableau write-blocking bridge query/command utility
  • dep: undbx
    tool to extract, recover and undelete e-mail messages from .dbx files
  • dep: unhide
    Forensic tool to find hidden processes and ports
  • dep: unhide.rb
    Forensic tool to find processes hidden by rootkits
  • dep: vinetto
    forensics tool to examine Thumbs.db files
  • dep: volatility
    advanced memory forensics framework
  • dep: volatility-tools
    generate profiles for the Volatility Framework
  • dep: winregfs
    Windows registry FUSE filesystem
  • dep: wipe
    secure file deletion
  • dep: yara
    Pattern matching swiss knife for malware researchers
  • rec: outguess
    universal steganographic tool

Download forensics-all

Download for all available architectures
Architecture  Package Size  Installed Size  Files
all           4.0 kB        10 kB           [list of files]