The sysutils/sleuthkit port
sleuthkit-4.10.1 – forensic toolkit based on TCT (cvsweb github mirror)
Description
The Sleuth Kit (previously known as TASK) is the only open source forensic toolkit for a complete analysis of Microsoft and UNIX file systems. It enables investigators to identify and recover evidence from images acquired during incident response or from live systems. Some of its features : * Analyzes images generated by the open source 'dd' utility, found on all UNIX systems and available for Windows systems. * Supports the NTFS, FAT, FFS, and EXT2FS file systems. Images of a different endian ordering than the analysis system can be used. * The tools are organized in a layered approach, where the names in each layer start with the same letter to help the user identify the function of the tool. The layers include File System, File Name (directory entries and NTFS index trees), Meta-Data (UNIX inodes and NTFS MFT entries), and Content (blocks and clusters). * Identifies deleted files by name and location. * Identifies the status of content units (blocks and clusters) and meta-data structures. * Maps the relationship of objects across different layers.WWW: https://www.sleuthkit.org/
Maintainer
Remi Pointel
Only for arches
aarch64 alpha amd64 arm hppa i386 mips64 mips64el powerpc powerpc64 riscv64 sparc64
Categories
Library dependencies
Build dependencies
Run dependencies
Files
- /usr/local/bin/blkcalc
- /usr/local/bin/blkcat
- /usr/local/bin/blkls
- /usr/local/bin/blkstat
- /usr/local/bin/fcat
- /usr/local/bin/ffind
- /usr/local/bin/fiwalk
- /usr/local/bin/fls
- /usr/local/bin/fsstat
- /usr/local/bin/hfind
- /usr/local/bin/icat
- /usr/local/bin/ifind
- /usr/local/bin/ils
- /usr/local/bin/img_cat
- /usr/local/bin/img_stat
- /usr/local/bin/istat
- /usr/local/bin/jcat
- /usr/local/bin/jls
- /usr/local/bin/jpeg_extract
- /usr/local/bin/mactime
- /usr/local/bin/mmcat
- /usr/local/bin/mmls
- /usr/local/bin/mmstat
- /usr/local/bin/pstat.sleuthkit
- /usr/local/bin/sigfind
- /usr/local/bin/sorter
- /usr/local/bin/srch_strings
- /usr/local/bin/tsk_comparedir
- /usr/local/bin/tsk_gettimes
- /usr/local/bin/tsk_loaddb
- /usr/local/bin/tsk_recover
- /usr/local/bin/usnjls
- /usr/local/include/tsk/
- /usr/local/include/tsk/auto/
- /usr/local/include/tsk/auto/guid.h
- /usr/local/include/tsk/auto/tsk_auto.h
- /usr/local/include/tsk/auto/tsk_is_image_supported.h
- /usr/local/include/tsk/base/
- /usr/local/include/tsk/base/tsk_base.h
- /usr/local/include/tsk/base/tsk_os.h
- /usr/local/include/tsk/fs/
- /usr/local/include/tsk/fs/apfs_compat.hpp
- /usr/local/include/tsk/fs/apfs_fs.h
- /usr/local/include/tsk/fs/apfs_fs.hpp
- /usr/local/include/tsk/fs/decmpfs.h
- /usr/local/include/tsk/fs/tsk_apfs.h
- /usr/local/include/tsk/fs/tsk_apfs.hpp
- /usr/local/include/tsk/fs/tsk_exfatfs.h
- /usr/local/include/tsk/fs/tsk_ext2fs.h
- /usr/local/include/tsk/fs/tsk_fatfs.h
- /usr/local/include/tsk/fs/tsk_fatxxfs.h
- /usr/local/include/tsk/fs/tsk_ffs.h
- /usr/local/include/tsk/fs/tsk_fs.h
- /usr/local/include/tsk/fs/tsk_hfs.h
- /usr/local/include/tsk/fs/tsk_iso9660.h
- /usr/local/include/tsk/fs/tsk_ntfs.h
- /usr/local/include/tsk/fs/tsk_yaffs.h
- /usr/local/include/tsk/hashdb/
- /usr/local/include/tsk/hashdb/tsk_hashdb.h
- /usr/local/include/tsk/img/
- /usr/local/include/tsk/img/pool.hpp
- /usr/local/include/tsk/img/tsk_img.h
- /usr/local/include/tsk/libtsk.h
- /usr/local/include/tsk/pool/
- /usr/local/include/tsk/pool/apfs_pool_compat.hpp
- /usr/local/include/tsk/pool/pool_compat.hpp
- /usr/local/include/tsk/pool/tsk_apfs.h
- /usr/local/include/tsk/pool/tsk_apfs.hpp
- /usr/local/include/tsk/pool/tsk_pool.h
- /usr/local/include/tsk/pool/tsk_pool.hpp
- /usr/local/include/tsk/tsk_incs.h
- /usr/local/include/tsk/util/
- /usr/local/include/tsk/util/crypto.hpp
- /usr/local/include/tsk/util/lw_shared_ptr.hpp
- /usr/local/include/tsk/util/span.hpp
- /usr/local/include/tsk/vs/
- /usr/local/include/tsk/vs/tsk_bsd.h
- /usr/local/include/tsk/vs/tsk_dos.h
- /usr/local/include/tsk/vs/tsk_gpt.h
- /usr/local/include/tsk/vs/tsk_mac.h
- /usr/local/include/tsk/vs/tsk_sun.h
- /usr/local/include/tsk/vs/tsk_vs.h
- /usr/local/lib/libtsk.a
- /usr/local/lib/libtsk.la
- /usr/local/lib/libtsk.so.3.0
- /usr/local/man/man1/blkcalc.1
- /usr/local/man/man1/blkcat.1
- /usr/local/man/man1/blkls.1
- /usr/local/man/man1/blkstat.1
- /usr/local/man/man1/fcat.1
- /usr/local/man/man1/ffind.1
- /usr/local/man/man1/fls.1
- /usr/local/man/man1/fsstat.1
- /usr/local/man/man1/hfind.1
- /usr/local/man/man1/icat.1
- /usr/local/man/man1/ifind.1
- /usr/local/man/man1/ils.1
- /usr/local/man/man1/img_cat.1
- /usr/local/man/man1/img_stat.1
- /usr/local/man/man1/istat.1
- /usr/local/man/man1/jcat.1
- /usr/local/man/man1/jls.1
- /usr/local/man/man1/mactime.1
- /usr/local/man/man1/mmcat.1
- /usr/local/man/man1/mmls.1
- /usr/local/man/man1/mmstat.1
- /usr/local/man/man1/sigfind.1
- /usr/local/man/man1/sorter.1
- /usr/local/man/man1/tsk_comparedir.1
- /usr/local/man/man1/tsk_gettimes.1
- /usr/local/man/man1/tsk_loaddb.1
- /usr/local/man/man1/tsk_recover.1
- /usr/local/man/man1/usnjls.1
- /usr/local/share/tsk/
- /usr/local/share/tsk/sorter/
- /usr/local/share/tsk/sorter/default.sort
- /usr/local/share/tsk/sorter/freebsd.sort
- /usr/local/share/tsk/sorter/images.sort
- /usr/local/share/tsk/sorter/linux.sort
- /usr/local/share/tsk/sorter/openbsd.sort
- /usr/local/share/tsk/sorter/solaris.sort
- /usr/local/share/tsk/sorter/windows.sort
- @conflict freeze-*
- @conflict ja-jvim-*