forensics-all for Debian
------------------------

LIST OF PACKAGES INSTALLED BY forensics-all DEBIAN PACKAGE

COMMON PACKAGES (available for all machines)

  acct - GNU Accounting utilities for process and login accounting
  aesfix - tool for correcting bit errors in an AES key schedule
  afflib-tools - Advanced Forensics Format Library (utilities)
  braa - Mass SNMP scanner
  bruteforce-salted-openssl - try to find the passphrase for files encrypted with OpenSSL
  bruteforce-wallet - try to find the password of an encrypted wallet file
  brutespray - Python bruteforce tool
  btscanner - ncurses-based scanner for Bluetooth devices
  capstone-tool - lightweight multi-architecture disassembly framework - command line tool
  ccrypt - secure encryption and decryption of files and streams
  cewl - custom word list generator
  chaosreader - trace network sessions and export it to html format
  chkrootkit - rootkit detector
  cisco7crack - Crypt and decrypt the cisco type 7 passwords
  cowpatty - Brute-force WPA dictionary attack
  creddump7 - Python tool to extract credentials and secrets from Windows registry hives
  dc3dd - patched version of GNU dd with forensic features
  de4dot - .NET deobfuscator and unpacker
  dirb - URL bruteforcing tool
  dislocker - read/write encrypted BitLocker volumes
  dnsrecon - Powerful DNS enumeration script
  doona - Network fuzzer forked from bed
  dsniff - Various tools to sniff network traffic for cleartext insecurities
  ed2k-hash - tool for generating ed2k-links
  exifprobe - read metadata from digital pictures
  ext4magic - recover deleted files from ext3 or ext4 partitions
  extundelete - utility to recover deleted files from ext3/ext4 partition
  fatcat - FAT filesystem explore, extract, repair, and forensic tool
  fcrackzip - password cracker for zip archives
  forensic-artifacts - knowledge base of forensic artifacts (data files)
  forensics-colorize - show differences between files using color graphics
  galleta - Internet Explorer cookie forensic analysis tool
  grokevt - scripts for reading Microsoft Windows event log files
  hashdeep - recursively compute hashsums or piecewise hashings
  hashid - Identify the different types of hashes used to encrypt data
  hashrat - hashing tool supporting several hashes and recursivity
  hcxkeys - Tools to generate plainmasterkeys (rainbowtables)
  hcxtools - Tools for converting captures to use with hashcat or John the Ripper
  hydra - very fast network logon cracker
  john - active password cracking tool
  mac-robber - collects data about allocated files in mounted filesystems
  magicrescue - recover files by looking for magic bytes
  maskprocessor - high-performance word generator with a per-position configurable charset
  masscan - TCP port scanner
  medusa - fast, parallel, modular, login brute-forcer for network services
  memdump - utility to dump memory contents to standard output
  metacam - extract EXIF information from digital camera files
  mfcuk - MiFare Classic Universal toolKit
  mfoc - MIFARE Classic offline cracker
  missidentify - find win32 applications
  myrescue - rescue data from damaged disks
  nasty - tool which helps you to recover your GPG passphrase
  nbtscan - scan networks searching for NetBIOS information
  ncat - NMAP netcat reimplementation
  ncrack - High-speed network authentication cracking tool
  ndiff - The Network Mapper - result compare utility
  o-saft - SSL advanced forensic tool
  ophcrack-cli - Microsoft Windows password cracker using rainbow tables (cmdline)
  outguess - universal steganographic tool
  pasco - Internet Explorer cache forensic analysis tool
  patator - Multi-purpose brute-forcer
  pff-tools - utilities for MS Outlook PAB, PST and OST files
  pipebench - measure the speed of stdin/stdout communication
  pixiewps - Offline WPS bruteforce tool
  pnscan - Multi threaded port scanner
  polenum - Extracts the password policy from a Windows system
  pompem - Exploit and Vulnerability Finder
  recoverdm - recover files on disks with damaged sectors
  recoverjpeg - recover JFIF (JPEG) pictures and MOV movies
  reglookup - utility to analysis for Windows NT-based registry
  regripper - perform forensic analysis of registry hives
  rephrase - Specialized passphrase recovery tool for GnuPG
  rhash - utility for computing hash sums and magnet links
  rifiuti - MS Windows recycle bin analysis tool
  rifiuti2 - replacement for rifiuti, a MS Windows recycle bin analysis tool
  rkhunter - rootkit, backdoor, sniffer and exploit scanner
  rsakeyfind - locates BER-encoded RSA private keys in memory images
  safecopy - data recovery tool for problematic or damaged media
  samdump2 - Dump Windows 2k/NT/XP password hashes
  scalpel - fast filesystem-independent file recovery
  scrounge-ntfs - Data recovery program for NTFS filesystems
  shed - simple hex editor with a pico-style interface
  sleuthkit - tools for forensics analysis on volume and filesystem data
  smbmap - handy SMB enumeration tool
  snowdrop - plain text watermarking and watermark recovery
  ssdeep - recursive piecewise hashing tool
  ssldump - SSLv3/TLS network protocol analyzer
  statsprocessor - word generator based on per-position Markov chains
  stegcracker - steganography brute-force tool
  steghide - steganography hiding tool
  stegseek - Worlds fastest steghide cracker
  stegsnow - steganography using ASCII files
  sucrack - multithreaded su bruteforcer
  tableau-parm - tableau write-blocking bridge query/command utility
  tcpick - TCP stream sniffer and connection tracker
  testssl.sh - Command line tool to check TLS/SSL ciphers, protocols and cryptographic flaws
  time-decode - Timestamp and datetime decoder/encoder
  undbx - tool to extract, recover and undelete e-mail messages from .dbx files
  unhide - forensic tool to find hidden processes and ports
  unhide.rb - Forensics tool to find processes hidden by rootkits
  vinetto - forensics tool to examine Thumbs.db files
  wapiti - web application vulnerability scanner
  wfuzz - Web application bruteforcer
  winregfs - Windows registry FUSE filesystem
  wipe - secure file deletion
  yara - Pattern matching swiss knife for malware researchers

RECOMMENDED PACKAGES (available for some architectures only)

  aeskeyfind - tool for locating AES keys in a captured memory image
  aircrack-ng - wireless WEP/WPA cracking utilities
  bruteforce-luks - Try to find a password of a LUKS encrypted volume
  bully - Implementation of the WPS brute force attack, written in C
  ext3grep - tool to help recover deleted files on ext3 filesystems
  ewf-tools - collection of tools for reading and writing EWF files
  gpart - Guess PC disk partition table, find lost partitions
  hashcat - World's fastest and most advanced password recovery utility
  ike-scan - discover and fingerprint IKE hosts (IPsec VPN Servers)
  mdk3 - Wireless attack tool for IEEE 802.11 networks
  mdk4 - Wireless attack tool for IEEE 802.11 networks
  nmap - The Network Mapper
  plaso - super timeline all the things -- metapackage
  radare2 - free and advanced command line hexadecimal editor
  wifite - Python script to automate wireless auditing using aircrack-ng tools
  xmount - tool for crossmounting between disk image formats

 -- Joao Eriberto Mota Filho  Sun, 23 Jul 2023 23:25:34 -0300