acstore : A stand-alone implementation to read and write Attribute Container stores ( https://github.com/log2timeline/acstore )
dfvfs : Digital Forensics Virtual File System (dfVFS) ( https://github.com/log2timeline/dfvfs )
dfwinreg : Digital Forensics Windows Registry (dfWinReg) ( https://github.com/log2timeline/dfwinreg )
ftimes : A system baselining and evidence collection tool ( http://ftimes.sourceforge.net/FTimes/ )
hindsight : Internet history forensics for Google Chrome/Chromium ( https://github.com/obsidianforensics/hindsight )
libbde : Library and tools to access BitLocker Drive Encryption (BDE) encrypted volumes ( https://github.com/libyal/libbde )
liblnk : Library and tools to access the Windows Shortcut File (LNK) format ( https://github.com/libyal/liblnk )
libvsapm : Library and tools to access the Apple Partition Map (APM) volume system format ( https://github.com/libyal/libvsapm )
log2timeline : Create forensic supertimelines in Perl ( https://github.com/thinrope/log2timeline )
plaso : Plaso (log2timeline) is a framework to create super timelines. ( https://github.com/log2timeline/plaso )
pytsk : Python bindings for The Sleuthkit (libtsk) ( https://github.com/py4n6/pytsk/ )
Add an ebuild in portage :
The ebuild is now in the portage tree.
You can also use layman : emerge layman then layman -a pkalin
For Paludis use this rsync : rsync://gentoo.zugaina.org/pkalin-portage
If you have a problem : ycarus(-at-)zugaina.org