autopsy : A graphical interface to the digital forensic analysis tools in The Sleuth Kit ( http://www.sleuthkit.org/autopsy/ )
bulk_extractor : Scans a disk image, directory or file and extracts useful information ( http://www.forensicswiki.org/wiki/Bulk_extractor )
rdd : Rdd is a forensic copy program ( http://www.sf.net/projects/rdd )
reglookup : An utility for reading and querying Windows NT/2K/XP registries ( http://projects.sentinelchicken.org/reglookup/ )
rekall-core : Rekall Memory Forensic Framework ( http://www.rekall-forensic.com/ )
sleuthkit : A collection of file system and media management forensic analysis tools ( https://www.sleuthkit.org/sleuthkit/ )
tcpxtract : Extracts files from network packet captures ( http://tcpxtract.sourceforge.net/ )
volatility : Framework for analyzing volatile memory ( http://www.volatilityfoundation.org/ )
xmount : Convert on-the-fly between multiple input and output harddisk image types ( https://www.pinguin.lu/xmount )
yara : A malware identification and classification tool ( http://virustotal.github.io/yara/ )
yim2text : A python script to decode yahoo instant message archive files ( http://www.1vs0.com/tools.html )
Add an ebuild in portage :
The ebuild is now in the portage tree.
You can also use layman : emerge layman then layman -a glicOne
For Paludis use this rsync : rsync://gentoo.zugaina.org/glicOne-portage
If you have a problem : ycarus(-at-)zugaina.org