Category: app-forensics
acstore
- Ebuilds: 1, Testing: 20240407
Description: A stand-alone implementation to read and write Attribute Container stores
Homepage: https://github.com/log2timeline/acstore
License: Apache-2.0
dfvfs
- Ebuilds: 3, Testing: 20240505
Description: Digital Forensics Virtual File System (dfVFS)
Homepage: https://github.com/log2timeline/dfvfs
License: Apache-2.0
dfwinreg
- Ebuilds: 3, Testing: 20240316
Description: Digital Forensics Windows Registry (dfWinReg)
Homepage: https://github.com/log2timeline/dfwinreg
License: Apache-2.0
ftimes
- Ebuilds: 2, Testing: 3.13.0
Description: A system baselining and evidence collection tool
Homepage: http://ftimes.sourceforge.net/FTimes/
License: BSD
hindsight
- Ebuilds: 2, Snapshot: 9999
Description: Internet history forensics for Google Chrome/Chromium
Homepage: https://github.com/obsidianforensics/hindsight
License: Apache-2.0
libbde
- Ebuilds: 1, Stable: 20240502, Testing: 20240502
Description: Library and tools to access BitLocker Drive Encryption (BDE) encrypted volumes
Homepage: https://github.com/libyal/libbde
License: LGPL-3
libbfio
- Ebuilds: 1, Stable: 20240414, Testing: 20240414
Description: Library for providing a basic file input/output abstraction layer
Homepage: https://github.com/libyal/libbfio
License: LGPL-3
libesedb
- Ebuilds: 1, Stable: 20240420, Testing: 20240420
Description: Library and tools to access the Extensible Storage Engine Database File format.
Homepage: https://github.com/libyal/libesedb
License: LGPL-3
libevtx
- Ebuilds: 1, Stable: 20240504, Testing: 20240504
Description: Library and tools to access the Windows XML Event Log (EVTX) format
Homepage: https://github.com/libyal/libevtx
License: LGPL-3
libexe
- Ebuilds: 1, Stable: 20240420, Testing: 20240420
Description: Library and tools to access the executable (EXE) format
Homepage: https://github.com/libyal/libexe
License: LGPL-3
libklel
- Ebuilds: 1, Testing: 1.2.0
Description: A system baselining and evidence collection tool
Homepage: https://github.com/KoreLogicSecurity/libklel
License: BSD
liblnk
- Ebuilds: 2, Stable: 20240423, Testing: 20240423
Description: Library and tools to access the Windows Shortcut File (LNK) format
Homepage: https://github.com/libyal/liblnk
License: LGPL-3
libscca
- Ebuilds: 1, Stable: 20240427, Testing: 20240427
Description: Library and tools to access the Windows Prefetch File (SCCA) format.
Homepage: https://github.com/libyal/libscca
License: LGPL-3
libvsapm
- Ebuilds: 1, Stable: 20240503
Description: Library and tools to access the Apple Partition Map (APM) volume system format
Homepage: https://github.com/libyal/libvsapm
License: LGPL-3
log2timeline
- Ebuilds: 1, Testing: 0.66-r3
Description: Create forensic supertimelines in Perl
Homepage: https://github.com/thinrope/log2timeline
License: GPL-3
peepdf
- Ebuilds: 1, Testing: 0.4.3
Description: Python tool to explore PDF files (fork of)
Homepage: http://eternal-todo.com/
License: GPL-3
plaso
- Ebuilds: 2, Testing: 20251119
Description: Plaso (log2timeline) is a framework to create super timelines.
Homepage: https://github.com/log2timeline/plaso
License: Apache-2.0
sleuthkit
- Ebuilds: 1, Stable: 4.14.0, Testing: 4.14.0
Description: A collection of file system and media management forensic analysis tools
Homepage: https://www.sleuthkit.org/sleuthkit/
License: BSD CPL-1.0 GPL-2+ IBM java? ( Apache-2.0 )
xmount
- Ebuilds: 1, Testing: 1.1.1
Description: Convert on-the-fly between multiple input and output harddisk image types
Homepage: https://www.sits.lu/xmount
License: GPL-3