Package: forensics-extra (2.14)

Links for forensics-extra

Trisquel Resources:

Download Source Package forensics-extra:

Maintainer:

Debian Security Tools

Original Maintainers:

Debian Security Tools
Giovani Augusto Ferreira
Joao Eriberto Mota Filho

Similar packages:

Forensics Environment - extra console components (metapackage)

This package provides the extra components for a forensics environment. All here available tools are text console based. None of these tools were packaged by Debian Security Tools Team. This metapackage includes the most programs to data recovery, rootkit and exploit search, filesystems and memory analysis, image acquisition, volume inspection, passwords crackers, dictionaries (all put in /usr/share/dict), disassemblers, special actions over the hardware and many other activities.

The idea is provide several packages via APT, to avoid forgetting something when creating a specialized environment, specifically designed to operate outdoor.

There are not an intent to provide tools for remote attacks. So, some packages can be provided to allow a local analyses over pcap files. Other packages can be used to find vulnerabilities inside a LAN which is being investigated.

Other examples are hexedit and mc packages. mc provides mcview. The hexedit and mcview are able to manipulate very large files.

The following packages were included in this metapackage:

  arc, bfbtester, binutils, brotli, bruteforce-luks, bzip2,
  cabextract, chntpw, clzip, comprez, crunch, cryptmount, cupp, curl,
  dact, dares, dcfldd, ddrutility, dhcpdump, dictconv, diffstat,
  disktype, dmitry, dnsutils, dtach, erofs-utils, ethstatus, ethtool,
  exfat-fuse, exfat-utils, exif, exiftags, exiv2, fatcat, fdupes,
  flasm, foremost, funcoeszz, gddrescue, gdisk, geoip-bin, gifshuffle,
  hcxdumptool, heartbleeder, hexcompare, hexedit, horst, hping3,
  hwinfo, imageindex, inxi, ipgrab, ipv6toolkit, jdupes, john, less,
  libimage-exiftool-perl, lltdscan, lrzip, lshw, lz4, lzma, lzop,
  mblaze, mboxgrep, mc, mdns-scan, membernator, memstat, minizip,
  mpack, mscompress, nasm, nast, ncompress, netcat, netdiscover,
  ngrep, nomarch, nstreams, ntfs-3g, p7zip-full, parted, pcapfix,
  pcaputils, pdfcrack, pecomato, pev, plzip, pngcheck, poppler-utils,
  psrip, rarcrack, reaver, rzip, sipcrack, sipgrep, smb-nat, sngrep,
  snowdrop, ssh-audit, stegosuite, stepic, sxiv, tcpdump, tcpflow,
  tcpreplay, tcptrace, tcpxtract, telnet, testdisk, tshark, unar,
  uni2ascii, unzip, wamerican, wamerican-huge, wamerican-insane,
  wamerican-large, wamerican-small, wbrazilian, wbritish,
  wbritish-huge, wbritish-insane, wbritish-large, wbritish-small,
  wbulgarian, wcanadian, wcanadian-huge, wcanadian-insane,
  wcanadian-large, wcanadian-small, wcatalan, weplab, wesperanto,
  wfaroese, wfrench, wgaelic, wgerman-medical, whois, wirish,
  witalian, wmanx, wngerman, wpolish, wportuguese, wspanish, wswedish,
  wswiss, wukrainian, wzip, xxd, xz-utils, zpaq

This metapackage is useful for pentesters, ethical hackers and forensics experts.

Other Packages Related to forensics-extra

depends

recommends

suggests

dep: arc

Archive utility based on the MSDOS ARC program
dep: bfbtester

Brute Force Binary Tester
dep: binutils

GNU assembler, linker and binary utilities
dep: brotli

lossless compression algorithm and format (command line utility)
dep: bruteforce-luks

Try to find a password of a LUKS encrypted volume
dep: bzip2

high-quality block-sorting file compressor - utilities
dep: cabextract

Microsoft Cabinet file unpacker
dep: chntpw

NT SAM password recovery utility
dep: clzip

C, lossless data compressor based on the LZMA algorithm
dep: comprez

frontend to many compression programs
dep: crunch

tool for creating wordlist
dep: cryptmount

Management of encrypted file systems
dep: cupp

generate dictionaries for attacks from personal data
dep: curl

command line tool for transferring data with URL syntax
dep: dact

multi-algorithm compression
dep: dares

rescue files from damaged CDs and DVDs (ncurses-interface)
dep: dcfldd

enhanced version of dd for forensics and security
dep: ddrutility

set of data recovery utilities for use with GNU ddrescue
dep: dhcpdump

Parse DHCP packets from tcpdump
dep: dictconv

convert a dictionary file type in another dictionary file type
dep: diffstat

produces graph of changes introduced by a diff file
dep: disktype

detection of content format of a disk or disk image
dep: dmitry

Deepmagic Information Gathering Tool
dep: dnsutils

Transitional package for bind9-dnsutils
also a virtual package provided by bind9-dnsutils
dep: dtach

emulates the detach/attach feature of screen
dep: erofs-utils

Utilities for EROFS File System
dep: ethstatus

console-based ethernet statistics monitor
dep: ethtool

display or change Ethernet device settings
dep: exfat-fuse

read and write exFAT driver for FUSE
dep: exfat-utils

utilities to create, check, label and dump exFAT filesystem
dep: exif

command-line utility to show EXIF information in JPEG files
dep: exiftags

utility to read Exif tags from a digital camera JPEG file
dep: exiv2

EXIF/IPTC/XMP metadata manipulation tool
dep: fatcat

FAT filesystem explore, extract, repair, and forensic tool
dep: fdupes

identifies duplicate files within given directories
dep: flasm

assembler and disassembler for Flash (SWF) bytecode
dep: foremost

forensic program to recover lost files
dep: funcoeszz

script with 170+ useful mini applications
dep: gddrescue

GNU data recovery tool
dep: gdisk

GPT fdisk text-mode partitioning tool
dep: geoip-bin

IP lookup command line tools that use the GeoIP library
dep: gifshuffle

Steganography program to gif images
dep: hcxdumptool

Small tool to capture packets from wlan devices
dep: heartbleeder

test servers for OpenSSL CVE-2014-0160 aka Heartbleed
dep: hexcompare

utility to compare and identify binary files
dep: hexedit

viewer and editor in hexadecimal or ASCII for files or devices
dep: horst

Highly Optimized Radio Scanning Tool
dep: hping3

Active Network Smashing Tool
dep: hwinfo

Hardware identification system
dep: imageindex

generate static HTML galleries from images
dep: inxi

full featured system information script
dep: ipgrab

tcpdump-like utility that prints detailed header information
dep: ipv6toolkit

Security assessment and troubleshooting tool for the IPv6 protocols
dep: jdupes

identify and delete or link duplicate files
dep: john

active password cracking tool
dep: less

pager program similar to more
dep: libimage-exiftool-perl

library and program to read and write meta information in multimedia files
dep: lltdscan

Scan for LLTD-enabled hosts on your network
dep: lrzip

compression program with a very high compression ratio
dep: lshw

information about hardware configuration
dep: lz4

Fast LZ compression algorithm library - tool
dep: lzma

Compression and decompression in the LZMA format - command line utility
also a virtual package provided by xz-utils
dep: lzop

fast compression program
dep: mblaze

UNIX utilities to deal with Maildir
dep: mboxgrep

Grep through mailboxes
dep: mc

Midnight Commander - a powerful file manager
dep: mdns-scan

Scan for mDNS/DNS-SD services published on the local network
dep: membernator

Tool to scan membership cards to establish if they are valid
dep: memstat

Identify what's using up virtual memory
dep: minizip

compression library - minizip tools
dep: mpack

tools for encoding/decoding MIME messages
dep: mscompress

Microsoft "compress.exe/expand.exe" compatible (de)compressor
dep: nasm

General-purpose x86 assembler
dep: nast

packet sniffer and lan analyzer
dep: ncompress

original Lempel-Ziv compress/uncompress programs
dep: netcat

TCP/IP swiss army knife -- transitional package
also a virtual package provided by netcat-openbsd, netcat-traditional
dep: netdiscover

active/passive network address scanner using ARP requests
dep: ngrep

grep for network traffic
dep: nomarch

Unpacks .ARC and .ARK MS-DOS archives
dep: nstreams

network streams - a tcpdump output analyzer
dep: ntfs-3g

read/write NTFS driver for FUSE
dep: p7zip-full

7z and 7za file archivers with high compression ratio
dep: parted

disk partition manipulator
dep: pcapfix

repairs broken pcap and pcapng files
dep: pcaputils

specialized libpcap utilities
dep: pdfcrack

PDF files password cracker
dep: pecomato

Picture-embedded contents manipulation tool
dep: pev

text-based tool to analyze PE files
dep: plzip

parallel, lossless data compressor based on the LZMA algorithm
dep: pngcheck

print info and check PNG, JNG and MNG files
dep: poppler-utils

PDF utilities (based on Poppler)
dep: psrip

Extract images from PostScript files
dep: rarcrack

Password cracker for rar archives
dep: reaver

brute force attack tool against Wifi Protected Setup PIN number
dep: rzip

compression program for large files
dep: sipcrack

SIP login dumper/cracker
dep: sipgrep

command line tool to sniff, capture, display SIP messages
dep: smb-nat

Netbios Auditing Tool
dep: sngrep

Ncurses SIP Messages flow viewer
dep: snowdrop

plain text watermarking and watermark recovery
dep: ssh-audit

tool for ssh server auditing
dep: stegosuite

steganography tool to hide information in image files
dep: stepic

Python 3 Steganography in Images
dep: sxiv

simple X image viewer
dep: tcpdump

command-line network traffic analyzer
dep: tcpflow

TCP flow recorder
also a virtual package provided by tcpflow-nox
dep: tcpreplay

Tool to replay saved tcpdump files at arbitrary speeds
dep: tcptrace

Tool for analyzing tcpdump output
dep: tcpxtract

extract files from network traffic based on file signatures
dep: telnet

basic telnet client
dep: testdisk

Partition scanner and disk recovery tool, and PhotoRec file recovery tool
dep: tshark

network traffic analyzer - console version
dep: unar

Unarchiver for a variety of file formats
dep: uni2ascii

UTF-8 to 7-bit ASCII and vice versa converter
dep: unzip

De-archiver for .zip files
dep: wamerican

American English dictionary words for /usr/share/dict
dep: wamerican-huge

American English dictionary words for /usr/share/dict
dep: wamerican-insane

American English dictionary words for /usr/share/dict
dep: wamerican-large

American English dictionary words for /usr/share/dict
dep: wamerican-small

American English dictionary words for /usr/share/dict
dep: wbrazilian

Brazilian Portuguese wordlist
dep: wbritish

British English dictionary words for /usr/share/dict
dep: wbritish-huge

British English dictionary words for /usr/share/dict
dep: wbritish-insane

British English dictionary words for /usr/share/dict
dep: wbritish-large

British English dictionary words for /usr/share/dict
dep: wbritish-small

British English dictionary words for /usr/share/dict
dep: wbulgarian

Bulgarian dictionary words for /usr/share/dict
dep: wcanadian

Canadian English dictionary words for /usr/share/dict
dep: wcanadian-huge

Canadian English dictionary words for /usr/share/dict
dep: wcanadian-insane

Canadian English dictionary words for /usr/share/dict
dep: wcanadian-large

Canadian English dictionary words for /usr/share/dict
dep: wcanadian-small

Canadian English dictionary words for /usr/share/dict
dep: wcatalan

Catalan dictionary words for /usr/share/dict
dep: weplab

tool designed to break WEP keys
dep: wesperanto

Esperanto dictionary words for /usr/share/dict
dep: wfaroese

Faroese dictionary / wordlist
dep: wfrench

French dictionary words for /usr/share/dict
dep: wgaelic

Scots Gaelic word list
dep: wgerman-medical

German medical dictionary words for /usr/share/dict
dep: whois

intelligent WHOIS client
dep: wirish

Irish (Gaeilge) dictionary words for /usr/share/dict
dep: witalian

Italian dictionary words for /usr/share/dict/
dep: wmanx

Manx Gaelic dictionary words for /usr/share/dict
dep: wngerman

New German orthography wordlist
dep: wpolish

Polish dictionary words for /usr/share/dict
dep: wportuguese

European Portuguese wordlist
dep: wspanish

Spanish dictionary words for /usr/share/dict
dep: wswedish

Swedish dictionary words for /usr/share/dict
dep: wswiss

Swiss (German) orthography wordlist
dep: wukrainian

Ukrainian dictionary words for /usr/share/dict
dep: wzip

Lossy compression and denoising
dep: xxd

tool to make (or reverse) a hex dump
dep: xz-utils

XZ-format compression utilities
dep: zpaq

maximum reference compressor for ZPAQ open standard

rec: cmospwd

decrypt BIOS passwords from CMOS
rec: dmidecode

SMBIOS/DMI table decoder
rec: lynis

security auditing tool for Unix based systems
rec: ree

extract ROM extensions
rec: whatweb

Next generation web scanner

sug: clamav

anti-virus utility for Unix - command-line interface
sug: dns-flood-detector

detect abusive usage levels on high traffic nameservers
sug: droopy

mini web server to let others upload files to your computer
sug: forensics-all

Debian Forensics Environment - essential components (metapackage)
sug: forensics-all-gui

Debian Forensics Environment - GUI components (metapackage)
sug: forensics-extra-gui

Forensics Environment - extra GUI components (metapackage)
sug: forensics-full

Full forensics station (metapackage)
sug: grub-rescue-pc

GRUB bootable rescue images, version 2 (PC/BIOS version)
sug: isoqlog

Mail Transport Agent log analysis program
sug: mdadm

tool to administer Linux MD arrays (software RAID)
sug: systemd-bootchart

boot performance graphing tool
sug: xlsx2csv

convert xslx files to csv format

Download forensics-extra

Download for all available architectures
Architecture	Package Size	Installed Size	Files
all	8.5 kB	16 kB	[list of files]

Sections