autopsy : A graphical interface to the digital forensic analysis tools in The Sleuth Kit. ( http://www.sleuthkit.org/autopsy/ )
bulk_extractor : Scans a disk image, directory or file and extracts useful information ( http://www.forensicswiki.org/wiki/Bulk_extractor )
dc3dd : Patched version of dd with features intended for forensic acquisition of data ( http://dc3dd.sourceforge.net )
dfvfs : Digital Forensics Virtual File System provides read-only access to file-system objects from various storage media types and file formats ( https://github.com/log2timeline/dfvfs )
dpapick : Open-source tool that allows decryption of DPAPI structures in an offline way ( http://www.dpapick.com )
guymager : Guymager is a fast and user friendly forensic imager. ( http://guymager.sourceforge.net/ )
libbfio : Library for providing a basic file input/output abstraction layer ( https://code.google.com/p/libbfio/ )
libewf : Implementation of the EWF (SMART and EnCase) image format ( http://libewf.sourceforge.net )
libolecf : Library and tools to access the OLE 2 Compound File (OLECF) format ( https://github.com/libyal/libolecf )
libpff : Library and tools to access the PFF (Personal Folder File) format, used in PST and OST ( http://github.com/libyal/libpff )
libqcow : Library and tooling to support the QEMU Copy-On-Write (QCOW) image format ( https://github.com/libyal/libqcow/ )
libsigscan : Library for binary signature scanning. ( https://github.com/libyal/libsigscan )
libsmdev : Library providing device abstraction ( http://github.com/libyal/libsmdev/ )
libsmraw : Library to support the storage media (SM) (split) RAW format ( https://github.com/libyal/libsmraw/ )
libvhdi : Library and tools to support the Virtual Hard Disk (VHD) image format ( https://github.com/libyal/libvhdi/ )
libvmdk : Library and tools to access the VMware Virtual Disk (VMDK) image format ( https://github.com/libyal/libvmdk )
libvshadow : Library and tools to support the Volume Shadow Snapshot (VSS) format. ( http://github.com/libyal/libvshadow/ )
log2timeline : Log2timeline super timeline tool ( http://code.google.com/p/log2timeline/ )
make-pdf : This tool will embed javascript inside a PDF document ( http://blog.didierstevens.com/programs/pdf-tools/ )
origami-pdf : A Ruby framework designed to parse, analyze, and forge PDF documents ( https://code.google.com/p/origami-pdf/ )
pdf-parser : This tool will parse a PDF document to identify the fundamental elements used ( http://blog.didierstevens.com/programs/pdf-tools/ )
plaso : A tool designed to extract timestamps from various files found on a typical computer system(s) and aggregate them. ( https://github.com/log2timeline/plaso/ )
pytsk : Python bindings for the Sleuthkit ( https://github.com/py4n6/pytsk/ )
sleuthkit : A collection of file system and media management forensic analysis tools ( http://www.sleuthkit.org/sleuthkit/ )
stegdetect : A Steganography detector for JPEG ( http://www.outguess.org/ )
streams : streams is a tool for browsing, mining and processing TCP streams in pcap files ( http://src.carnivore.it/streams/about )
tableau-parm : A small command line utility designed to interact with Tableau forensic write blockers ( http://projects.sentinelchicken.org/tableau-parm/ )
tcpxtract : Extracts files from network packet captures ( http://tcpxtract.sourceforge.net/ )
xmount : Convert on-the-fly between multiple input and output harddisk image types ( https://www.pinguin.lu/xmount )
yara : A malware identification and classification tool ( http://plusvic.github.io/yara/ )
Add an ebuild in portage :
The ebuild is now in the portage tree.
You can also use layman : emerge layman then layman -a spike
For Paludis use this rsync : rsync://gentoo.zugaina.org/spike-portage
If you have a problem : ycarus(-at-)zugaina.org