ftimes : A system baselining and evidence collection tool ( http://ftimes.sourceforge.net/FTimes/ )
grr : GRR Rapid Response is an Incident Response Framework ( https://github.com/google/grr )
hindsight : Internet history forensics for Google Chrome/Chromium ( https://github.com/obsidianforensics/hindsight )
indxparse : INDXParse: Tool suite for inspecting NTFS artifacts ( https://github.com/williballenthin/INDXParse )
libbfio : Library for providing a basic file input/output abstraction layer ( https://github.com/libyal/libbfio )
libewf : Implementation of the EWF (SMART and EnCase) image format ( https://github.com/libyal/libewf/ )
log2timeline : Create forensic supertimelines in Perl ( https://github.com/thinrope/log2timeline )
pytsk : Python bindings for Sleuthkit ( https://github.com/py4n6/pytsk/ )
rekall-core : Rekall Memory Forensic Framework ( http://www.rekall-forensic.com/ )
rekall-gui : Rekall Memory Forensic Framework ( http://www.rekall-forensic.com/ )
scap-security-guide : Baseline compliance content in SCAP formats ( http://www.open-scap.org/security-policies/scap-security-guide )
sleuthkit : A collection of file system and media management forensic analysis tools ( https://www.sleuthkit.org/sleuthkit/ )
volatility : Forensic tool for analyzing volatile memory ( http://www.volatilityfoundation.org/ )
Add an ebuild in portage :
The ebuild is now in the portage tree.
You can also use layman : emerge layman then layman -a pkalin
For Paludis use this rsync : rsync://gentoo.zugaina.org/pkalin-portage
If you have a problem : ycarus(-at-)zugaina.org