acstore : A stand-alone implementation to read and write Attribute Container stores ( https://github.com/log2timeline/acstore )
dfvfs : Digital Forensics Virtual File System (dfVFS) ( https://github.com/log2timeline/dfvfs )
dfwinreg : Digital Forensics Windows Registry (dfWinReg) ( https://github.com/log2timeline/dfwinreg )
ftimes : A system baselining and evidence collection tool ( http://ftimes.sourceforge.net/FTimes/ )
hindsight : Internet history forensics for Google Chrome/Chromium ( https://github.com/obsidianforensics/hindsight )
libbde : Library and tools to access BitLocker Drive Encryption (BDE) encrypted volumes ( https://github.com/libyal/libbde )
libesedb : Library and tools to access the Extensible Storage Engine Database File format. ( https://github.com/libyal/libesedb )
libevtx : Library and tools to access the Windows XML Event Log (EVTX) format ( https://github.com/libyal/libevtx )
libexe : Library and tools to access the executable (EXE) format ( https://github.com/libyal/libexe )
liblnk : Library and tools to access the Windows Shortcut File (LNK) format ( https://github.com/libyal/liblnk )
libscca : Library and tools to access the Windows Prefetch File (SCCA) format. ( https://github.com/libyal/libscca )
libvsapm : Library and tools to access the Apple Partition Map (APM) volume system format ( https://github.com/libyal/libvsapm )
log2timeline : Create forensic supertimelines in Perl ( https://github.com/thinrope/log2timeline )
plaso : Plaso (log2timeline) is a framework to create super timelines. ( https://github.com/log2timeline/plaso )
pytsk : Python bindings for The Sleuthkit (libtsk) ( https://github.com/py4n6/pytsk/ )
xmount : Convert on-the-fly between multiple input and output harddisk image types ( https://www.sits.lu/xmount )
Add an ebuild in portage :
The ebuild is now in the portage tree.
You can also use layman : emerge layman then layman -a pkalin
For Paludis use this rsync : rsync://gentoo.zugaina.org/pkalin-portage
If you have a problem : ycarus(-at-)zugaina.org