mikas blog

Repeating what I did for the last Debian release with the #newinwheezy game it’s time for the #newinjessie game:

Debian/jessie AKA Debian 8.0 includes a bunch of packages for people interested in digital forensics. The packages maintained within the Debian Forensics team which are new in the Debian/jessie stable release as compared to Debian/wheezy (and ignoring wheezy-backports):

• ext4magic: recover deleted files from ext3 or ext4 partitions
• libbfio1: Library to provide basic input/output abstraction
• lime-forensics-dkms: kernel module to memory dump
• mac-robber: collects data about allocated files in mounted filesystems
• pff-tools: library to access various ms outlook files formats/tools to exports PAB, PST and OST files
• ssdeep: Recursive piecewise hashing tool (note: was present in squeeze but not in wheezy)
• volatility: advanced memory forensics framework
• yara: help to identify and classify malwares

Join the #newinjessie game and present packages which are new in Debian/jessie.

This entry was posted by mika on Friday, April 24th, 2015 at 16:54 and is filed under Computer, Debian, English, Open Source. You can follow any responses to this entry through the RSS 2.0 feed. Both comments and pings are currently closed.