Source: forensics-all

Package: forensics-all (3.18)

Debian Forensics Environment - essential components (metapackage)

This package provides the core components for a forensics environment. All tools available here are packaged by the Debian Security Tools Team. This metapackage includes most of the programs for data recovery, rootkit and exploit search, filesystem and memory analysis, image acquisition, volume inspection, special actions on hardware and many other activities.

The following packages were included in this metapackage:

  acct, aesfix, aeskeyfind, afflib-tools, arp-scan, binwalk, braa,
  bruteforce-salted-openssl, brutespray, btscanner, capstone-tool,
  ccrypt, cewl, chaosreader, chkrootkit, cowpatty, crack or crack-md5,
  dc3dd, dirb, dislocker, dnsrecon, doona, dsniff, ed2k-hash,
  exifprobe, ext4magic, extundelete, ewf-tools, fcrackzip,
  forensic-artifacts, forensics-colorize, galleta, grokevt, hashdeep,
  hashid, hashrat, hydra, mac-robber, magicrescue, maskprocessor,
  masscan, medusa, memdump, metacam, mfcuk, mfoc, missidentify,
  myrescue, nasty, nbtscan, ncat, ncrack, ndiff, nmap, o-saft,
  ophcrack-cli, outguess, pasco, patator, pff-tools, pipebench,
  pixiewps, pnscan, polenum, pompem, recoverdm, recoverjpeg,
  reglookup, rephrase, rfdump, rhash, rifiuti, rifiuti2, rkhunter,
  rsakeyfind, safecopy, samdump2, scalpel, scrounge-ntfs, shed,
  sleuthkit, smbmap, ssdeep, ssldump, statsprocessor, steghide,
  stegsnow, sucrack, tableau-parm, tcpick, testssl.sh, undbx, unhide,
  unhide.rb, vinetto, wapiti, wfuzz, winregfs, wipe, xmount, yara

This metapackage is useful for pentesters, ethical hackers and forensics experts.

Other Packages Related to forensics-all

  • dep: acct
    GNU Accounting utilities for process and login accounting
  • dep: aesfix
    tool for correcting bit errors in an AES key schedule
  • dep: aeskeyfind
    tool for locating AES keys in a captured memory image
  • dep: afflib-tools
    Advanced Forensics Format Library (utilities)
  • dep: arp-scan
    arp scanning and fingerprinting tool
  • dep: binwalk
    tool library for analyzing binary blobs and executable code
  • dep: braa
    Mass SNMP scanner
  • dep: bruteforce-salted-openssl
    try to find the passphrase for files encrypted with OpenSSL
  • dep: brutespray
    Python bruteforce tool
  • dep: btscanner
    ncurses-based scanner for Bluetooth devices
  • dep: capstone-tool
    lightweight multi-architecture disassembly framework - command line tool
  • dep: ccrypt
    secure encryption and decryption of files and streams
  • dep: cewl
    custom word list generator
  • dep: chaosreader
    trace network sessions and export them to HTML format
  • dep: chkrootkit
    rootkit detector
  • dep: cowpatty
    Brute-force WPA dictionary attack
  • dep: crack
    Password guessing program (crypt() variant)
    also a virtual package provided by crack-md5
  • or: crack-md5
    Password guessing program (MD5 variant)
  • dep: dc3dd
    patched version of GNU dd with forensic features
  • dep: dirb
    URL bruteforcing tool
  • dep: dislocker
    read/write encrypted BitLocker volumes
  • dep: dnsrecon
    Powerful DNS enumeration script
  • dep: doona
    Network fuzzer forked from bed
  • dep: dsniff
    Various tools to sniff network traffic for cleartext insecurities
  • dep: ed2k-hash
    tool for generating ed2k-links
  • dep: ewf-tools
    collection of tools for reading and writing EWF files
  • dep: exifprobe
    read metadata from digital pictures
  • dep: ext4magic
    recover deleted files from ext3 or ext4 partitions
  • dep: extundelete
    utility to recover deleted files from ext3/ext4 partition
  • dep: fcrackzip
    password cracker for zip archives
  • dep: forensic-artifacts
    knowledge base of forensic artifacts (data files)
  • dep: forensics-colorize
    show differences between files using color graphics
  • dep: galleta
    Internet Explorer cookie forensic analysis tool
  • dep: grokevt
    scripts for reading Microsoft Windows event log files
  • dep: hashdeep
    recursively compute hashsums or piecewise hashings
  • dep: hashid
    Identify the different types of hashes used to encrypt data
  • dep: hashrat
    hashing tool supporting several hashes and recursivity
  • dep: hydra
    very fast network logon cracker
  • dep: mac-robber
    collects data about allocated files in mounted filesystems
  • dep: magicrescue
    recover files by looking for magic bytes
  • dep: maskprocessor
    high-performance word generator with a per-position configurable charset
  • dep: masscan
    TCP port scanner
  • dep: medusa
    fast, parallel, modular, login brute-forcer for network services
  • dep: memdump
    utility to dump memory contents to standard output
  • dep: metacam
    extract EXIF information from digital camera files
  • dep: mfcuk
    MiFare Classic Universal toolKit
  • dep: mfoc
    MIFARE Classic offline cracker
  • dep: missidentify
    find win32 applications
  • dep: myrescue
    rescue data from damaged disks
  • dep: nasty
    tool which helps you to recover your GPG passphrase
  • dep: nbtscan
    scan networks searching for NetBIOS information
  • dep: ncat
    NMAP netcat reimplementation
  • dep: ncrack
    High-speed network authentication cracking tool
  • dep: ndiff
    The Network Mapper - result compare utility
  • dep: nmap
    The Network Mapper
  • dep: o-saft
    SSL advanced forensic tool
  • dep: ophcrack-cli
    Package not available
  • dep: outguess
    universal steganographic tool
  • dep: pasco
    Internet Explorer cache forensic analysis tool
  • dep: patator
    Multi-purpose brute-forcer
  • dep: pff-tools
    utilities for MS Outlook PAB, PST and OST files
  • dep: pipebench
    measure the speed of stdin/stdout communication
  • dep: pixiewps
    Offline WPS bruteforce tool
  • dep: pnscan
    Multi threaded port scanner
  • dep: polenum
    Extracts the password policy from a Windows system
  • dep: pompem
    Exploit and Vulnerability Finder
  • dep: recoverdm
    recover files on disks with damaged sectors
  • dep: recoverjpeg
    recover JFIF (JPEG) pictures and MOV movies
  • dep: reglookup
    utility to analyze the Windows NT-based registry
  • dep: rephrase
    Specialized passphrase recovery tool for GnuPG
  • dep: rfdump
    tool to decode RFID tag data
  • dep: rhash
    utility for computing hash sums and magnet links
  • dep: rifiuti
    MS Windows recycle bin analysis tool
  • dep: rifiuti2
    replacement for rifiuti, a MS Windows recycle bin analysis tool
  • dep: rkhunter
    rootkit, backdoor, sniffer and exploit scanner
  • dep: rsakeyfind
    locates BER-encoded RSA private keys in memory images
  • dep: safecopy
    data recovery tool for problematic or damaged media
  • dep: samdump2
    Dump Windows 2k/NT/XP password hashes
  • dep: scalpel
    fast filesystem-independent file recovery
  • dep: scrounge-ntfs
    Data recovery program for NTFS filesystems
  • dep: shed
    simple hex editor with a pico-style interface
  • dep: sleuthkit
    tools for forensics analysis on volume and filesystem data
  • dep: smbmap
    handy SMB enumeration tool
  • dep: ssdeep
    recursive piecewise hashing tool
  • dep: ssldump
    SSLv3/TLS network protocol analyzer
  • dep: statsprocessor
    word generator based on per-position Markov chains
  • dep: steghide
    steganography hiding tool
  • dep: stegsnow
    steganography using ASCII files
  • dep: sucrack
    multithreaded su bruteforcer
  • dep: tableau-parm
    tableau write-blocking bridge query/command utility
  • dep: tcpick
    TCP stream sniffer and connection tracker
  • dep: testssl.sh
    Command line tool to check TLS/SSL ciphers, protocols and cryptographic flaws
  • dep: undbx
    tool to extract, recover and undelete e-mail messages from .dbx files
  • dep: unhide
    Forensic tool to find hidden processes and ports
  • dep: unhide.rb
    Forensics tool to find processes hidden by rootkits
  • dep: vinetto
    forensics tool to examine Thumbs.db files
  • dep: wapiti
    web application vulnerability scanner
  • dep: wfuzz
    Web application bruteforcer
  • dep: winregfs
    Windows registry FUSE filesystem
  • dep: wipe
    secure file deletion
  • dep: xmount
    tool to crossmount between multiple input and output harddisk images
  • dep: yara
    Pattern matching swiss knife for malware researchers
  • rec: aircrack-ng
    wireless WEP/WPA cracking utilities
  • rec: de4dot
    Package not available
  • rec: ext3grep
    tool to help recover deleted files on ext3 filesystems
  • rec: gpart
    Guess PC disk partition table, find lost partitions
  • rec: hashcat
    World's fastest and most advanced password recovery utility
  • rec: ike-scan
    discover and fingerprint IKE hosts (IPsec VPN Servers)
  • rec: mdk3
    Wireless attack tool for IEEE 802.11 networks
  • rec: mdk4
    Wireless attack tool for IEEE 802.11 networks
  • rec: plaso
    Package not available
  • rec: radare2
    free and advanced command line hexadecimal editor
  • rec: rekall-core
    Package not available
  • rec: wifite
    Python script to automate wireless auditing using aircrack-ng tools

Download forensics-all

Download for all available architectures
  Architecture   Package Size   Installed Size   Files
  all            7.2 kB         15 kB            [list of files]