Welcome to the new packages.gentoo.org! Please let us know about any issues you encounter and share your feedback here.


The app-forensics category contains software which helps detect and analyse security breaches.

All packages

afflib Library that implements the AFF image standard
afl american fuzzy lop - compile-time instrumentation fuzzer
aide AIDE (Advanced Intrusion Detection Environment) is a replacement for Tripwire
air A GUI front-end to dd/dc3dd
autopsy A graphical interface to the digital forensic analysis tools in The Sleuth Kit
chkrootkit Tool to locally check for signs of a rootkit
cmospwd CmosPwd decrypts password stored in cmos used to access BIOS SETUP
examiner Application that utilizes the objdump command to disassemble and comment foreign executable binaries
foremost A console program to recover files based on their headers and footers
galleta IE Cookie Parser
libbfio Library for providing a basic file input/output abstraction layer
libewf Implementation of the EWF (SMART and EnCase) image format
lynis Security and system auditing tool
mac-robber mac-robber is a digital forensics and incident response tool that collects data
magicrescue Find deleted files in block devices
memdump Simple memory dumper for UNIX-Like systems
openscap Framework which enables integration with the Security Content Automation Protocol (SCAP)
ovaldi Free implementation of OVAL
pasco IE Activity Parser
rdd Rdd is a forensic copy program
rifiuti Recycle Bin Analyzer
rkhunter Rootkit Hunter scans for known and unknown rootkits, backdoors, and sniffers
scalpel A high performance file carver
sleuthkit A collection of file system and media management forensic analysis tools
unhide A forensic tool to find hidden processes and TCP/UDP ports by rootkits/LKMs or other technique
volatility Framework for analyzing volatile memory
yasat Security and system auditing tool
zzuf Transparent application input fuzzer


28 Packages