afflib : Library that implements the AFF image standard ( https://github.com/simsong/AFFLIBv3/ )
afl : american fuzzy lop - compile-time instrumentation fuzzer ( http://lcamtuf.coredump.cx/afl/ )
aide : AIDE (Advanced Intrusion Detection Environment) is a replacement for Tripwire ( http://aide.sourceforge.net/ )
air : A GUI front-end to dd/dc3dd ( http://air-imager.sourceforge.net/ )
autopsy : A graphical interface to the digital forensic analysis tools in The Sleuth Kit ( http://www.sleuthkit.org/autopsy/ )
chkrootkit : Tool to locally check for signs of a rootkit ( http://www.chkrootkit.org/ )
cmospwd : CmosPwd decrypts password stored in cmos used to access BIOS SETUP ( http://www.cgsecurity.org/wiki/CmosPwd )
examiner : Application that utilizes the objdump command to disassemble and comment foreign executable binaries ( http://www.academicunderground.org/examiner/ )
foremost : A console program to recover files based on their headers and footers ( http://foremost.sourceforge.net/ )
galleta : IE Cookie Parser ( http://sourceforge.net/projects/odessa/ )
libbfio : Library for providing a basic file input/output abstraction layer ( https://github.com/libyal/libbfio )
libewf : Implementation of the EWF (SMART and EnCase) image format ( https://github.com/libyal/libewf )
lynis : Security and system auditing tool ( http://cisofy.com/lynis/ )
mac-robber : mac-robber is a digital forensics and incident response tool that collects data ( http://www.sleuthkit.org/mac-robber/index.php )
magicrescue : Find deleted files in block devices ( http://www.itu.dk/people/jobr/magicrescue/ )
memdump : Simple memory dumper for UNIX-Like systems ( http://www.porcupine.org/forensics )
openscap : Framework which enables integration with the Security Content Automation Protocol (SCAP) ( http://www.open-scap.org/ )
ovaldi : Free implementation of OVAL ( http://oval.mitre.org/language/interpreter.html )
pasco : IE Activity Parser ( http://sourceforge.net/projects/odessa/ )
rdd : Rdd is a forensic copy program ( http://www.sf.net/projects/rdd )
rifiuti : Recycle Bin Analyzer ( http://sourceforge.net/projects/odessa/ )
rkhunter : Rootkit Hunter scans for known and unknown rootkits, backdoors, and sniffers ( http://rkhunter.sf.net/ )
scalpel : A high performance file carver ( http://www.digitalforensicssolutions.com/Scalpel/ )
sleuthkit : A collection of file system and media management forensic analysis tools ( http://www.sleuthkit.org/sleuthkit/ )
unhide : A forensic tool to find hidden processes and TCP/UDP ports by rootkits/LKMs or other technique ( http://www.unhide-forensics.info )
volatility : Framework for analyzing volatile memory ( http://www.volatilityfoundation.org/ )
yasat : Security and system auditing tool ( http://yasat.sourceforge.net )
zzuf : Transparent application input fuzzer ( http://libcaca.zoy.org/wiki/zzuf/ )
Add an ebuild in portage :
The ebuild is now in the portage tree.
You can also use layman : emerge layman then layman -a funtoo
For Paludis use this rsync : rsync://gentoo.zugaina.org/funtoo-portage
If you have a problem : ycarus(-at-)zugaina.org