Ycarus Gentoo ebuild

afflib : Library that implements the AFF image standard ( https://github.com/simsong/AFFLIBv3/ )

• app-forensics/afflib/afflib-3.7.4
• app-forensics/afflib/files/afflib-3.7.1-python-module.patch
• app-forensics/afflib/files/afflib-3.6.12-pyaff-header.patch

afl : american fuzzy lop - compile-time instrumentation fuzzer ( http://lcamtuf.coredump.cx/afl/ )

• app-forensics/afl/afl-1.80b

aide : AIDE (Advanced Intrusion Detection Environment) is a replacement for Tripwire ( http://aide.sourceforge.net/ )

• app-forensics/aide/aide-0.15.1
• app-forensics/aide/files/aide-0.15.1-gentoo.patch
• app-forensics/aide/files/aide-0.14-as-needed.patch
• app-forensics/aide/files/aide-0.14-configure.patch
• app-forensics/aide/files/aide.conf
• app-forensics/aide/files/aideinit
• app-forensics/aide/files/aide.cron

air : A GUI front-end to dd/dc3dd ( http://air-imager.sourceforge.net/ )

• app-forensics/air/air-2.0.0-r1

autopsy : A graphical interface to the digital forensic analysis tools in The Sleuth Kit ( http://www.sleuthkit.org/autopsy/ )

• app-forensics/autopsy/autopsy-2.24-r1

chkrootkit : Tool to locally check for signs of a rootkit ( http://www.chkrootkit.org/ )

• app-forensics/chkrootkit/chkrootkit-0.49
• app-forensics/chkrootkit/files/chkrootkit.cron

cmospwd : CmosPwd decrypts password stored in cmos used to access BIOS SETUP ( http://www.cgsecurity.org/wiki/CmosPwd )

• app-forensics/cmospwd/cmospwd-5.1

examiner : Application that utilizes the objdump command to disassemble and comment foreign executable binaries ( http://www.academicunderground.org/examiner/ )

• app-forensics/examiner/examiner-0.5-r2
• app-forensics/examiner/files/examiner-0.5-perl.patch

foremost : A console program to recover files based on their headers and footers ( http://foremost.sourceforge.net/ )

• app-forensics/foremost/foremost-1.5.7-r2
• app-forensics/foremost/files/foremost-1.4-config-location.patch
• app-forensics/foremost/files/foremost-1.5.7-format-security.patch

galleta : IE Cookie Parser ( http://sourceforge.net/projects/odessa/ )

• app-forensics/galleta/galleta-20040505_p1

libbfio : Library for providing a basic file input/output abstraction layer ( https://github.com/libyal/libbfio )

• app-forensics/libbfio/libbfio-0.0.20130721

libewf : Implementation of the EWF (SMART and EnCase) image format ( https://github.com/libyal/libewf )

• app-forensics/libewf/libewf-20140608

lynis : Security and system auditing tool ( http://cisofy.com/lynis/ )

• app-forensics/lynis/lynis-2.1.1
• app-forensics/lynis/files/lynis.cron-new

mac-robber : mac-robber is a digital forensics and incident response tool that collects data ( http://www.sleuthkit.org/mac-robber/index.php )

• app-forensics/mac-robber/mac-robber-1.02

magicrescue : Find deleted files in block devices ( http://www.itu.dk/people/jobr/magicrescue/ )

• app-forensics/magicrescue/magicrescue-1.1.9
• app-forensics/magicrescue/files/magicrescue-1.1.9-makefile.patch
• app-forensics/magicrescue/files/magicrescue-1.1.9-ldflags.patch

memdump : Simple memory dumper for UNIX-Like systems ( http://www.porcupine.org/forensics )

• app-forensics/memdump/memdump-1.01
• app-forensics/memdump/files/memdump-1.01-linux3.patch

openscap : Framework which enables integration with the Security Content Automation Protocol (SCAP) ( http://www.open-scap.org/ )

• app-forensics/openscap/openscap-9999

ovaldi : Free implementation of OVAL ( http://oval.mitre.org/language/interpreter.html )

• app-forensics/ovaldi/ovaldi-5.10.1.4
• app-forensics/ovaldi/files/ovaldi-5.10.1.4-xerces3.patch
• app-forensics/ovaldi/files/ovaldi-5.10.1.4-strnicmp.patch
• app-forensics/ovaldi/files/disable-acl.patch
• app-forensics/ovaldi/files/use_local_rpmdb.patch
• app-forensics/ovaldi/files/rpmdb.patch
• app-forensics/ovaldi/files/ovaldi-5.10.1.4-disable-selinux-probes.patch

pasco : IE Activity Parser ( http://sourceforge.net/projects/odessa/ )

• app-forensics/pasco/pasco-20040505_p1-r1

rdd : Rdd is a forensic copy program ( http://www.sf.net/projects/rdd )

• app-forensics/rdd/rdd-3.0.4-r1
• app-forensics/rdd/files/rdd-3.0.4-sandbox-fix.patch

rifiuti : Recycle Bin Analyzer ( http://sourceforge.net/projects/odessa/ )

• app-forensics/rifiuti/rifiuti-20040505_p1

rkhunter : Rootkit Hunter scans for known and unknown rootkits, backdoors, and sniffers ( http://rkhunter.sf.net/ )

• app-forensics/rkhunter/rkhunter-1.4.2
• app-forensics/rkhunter/files/rkhunter-1.4.2.conf.patch
• app-forensics/rkhunter/files/rkhunter-1.3.cron
• app-forensics/rkhunter/files/rkhunter.bash-completion

scalpel : A high performance file carver ( http://www.digitalforensicssolutions.com/Scalpel/ )

• app-forensics/scalpel/scalpel-2.0

sleuthkit : A collection of file system and media management forensic analysis tools ( http://www.sleuthkit.org/sleuthkit/ )

• app-forensics/sleuthkit/sleuthkit-4.1.3
• app-forensics/sleuthkit/files/sleuthkit-4.1.0-system-sqlite.patch
• app-forensics/sleuthkit/files/sleuthkit-4.1.0-tools-shared-libs.patch

unhide : A forensic tool to find hidden processes and TCP/UDP ports by rootkits/LKMs or other technique ( http://www.unhide-forensics.info )

• app-forensics/unhide/unhide-20130526

volatility : Framework for analyzing volatile memory ( http://www.volatilityfoundation.org/ )

• app-forensics/volatility/volatility-2.4.1

yasat : Security and system auditing tool ( http://yasat.sourceforge.net )

• app-forensics/yasat/yasat-839

zzuf : Transparent application input fuzzer ( http://libcaca.zoy.org/wiki/zzuf/ )

• app-forensics/zzuf/zzuf-0.13-r1