sleuthkit_4.2.0-3_i386.deb


Advertisement

Description

sleuthkit - tools for forensics analysis on volume and filesystem data

Distribution: Ubuntu 16.04 LTS (Xenial Xerus)
Repository: Ubuntu Universe i386
Package name: sleuthkit
Package version: 4.2.0
Package release: 3
Package architecture: i386
Package type: deb
Installed size: 1.02 KB
Download size: 245.13 KB
Official Mirror: archive.ubuntu.com
The Sleuth Kit, also known as TSK, is a collection of UNIX-based command line file and volume system forensic analysis tools. The filesystem tools allow you to examine filesystems of a suspect computer in a non-intrusive fashion. Because the tools do not rely on the operating system to process the filesystems, deleted and hidden content is shown. The volume system (media management) tools allow you to examine the layout of disks and other media. You can also recover deleted files, get information stored in slack spaces, examine filesystems journal, see partitions layout on disks or images etc. But is very important clarify that the TSK acts over the current filesystem only. The Sleuth Kit supports DOS partitions, BSD partitions (disk labels), Mac partitions, Sun slices (Volume Table of Contents), and GPT disks. With these tools, you can identify where partitions are located and extract them so that they can be analyzed with filesystem analysis tools. Currently, TSK supports several filesystems, as NTFS, FAT, exFAT, HFS+, Ext3, Ext4, UFS and YAFFS2. This package contains the set of command line tools in The Sleuth Kit.

Alternatives

Conflicts

  • tct

    Download

    Source package: sleuthkit

    Install Howto

    1. Update the package index:
      # sudo apt-get update
    2. Install sleuthkit deb package:
      # sudo apt-get install sleuthkit

    Files

    • /usr/bin/blkcalc
    • /usr/bin/blkcat
    • /usr/bin/blkls
    • /usr/bin/blkstat
    • /usr/bin/fcat
    • /usr/bin/ffind
    • /usr/bin/fiwalk
    • /usr/bin/fls
    • /usr/bin/fsstat
    • /usr/bin/hfind
    • /usr/bin/icat
    • /usr/bin/ifind
    • /usr/bin/ils
    • /usr/bin/img_cat
    • /usr/bin/img_stat
    • /usr/bin/istat
    • /usr/bin/jcat
    • /usr/bin/jls
    • /usr/bin/jpeg_extract
    • /usr/bin/mactime
    • /usr/bin/mmcat
    • /usr/bin/mmls
    • /usr/bin/mmstat
    • /usr/bin/sigfind
    • /usr/bin/sorter
    • /usr/bin/srch_strings
    • /usr/bin/tsk_comparedir
    • /usr/bin/tsk_gettimes
    • /usr/bin/tsk_loaddb
    • /usr/bin/tsk_recover
    • /usr/share/doc/sleuthkit/NEWS.txt.gz
    • /usr/share/doc/sleuthkit/README.fiwalk
    • /usr/share/doc/sleuthkit/README.md.gz
    • /usr/share/doc/sleuthkit/changelog.Debian.gz
    • /usr/share/doc/sleuthkit/copyright
    • /usr/share/man/man1/blkcalc.1.gz
    • /usr/share/man/man1/blkcat.1.gz
    • /usr/share/man/man1/blkls.1.gz
    • /usr/share/man/man1/blkstat.1.gz
    • /usr/share/man/man1/fcat.1.gz
    • /usr/share/man/man1/ffind.1.gz
    • /usr/share/man/man1/fiwalk.1.gz
    • /usr/share/man/man1/fls.1.gz
    • /usr/share/man/man1/fsstat.1.gz
    • /usr/share/man/man1/hfind.1.gz
    • /usr/share/man/man1/icat.1.gz
    • /usr/share/man/man1/ifind.1.gz
    • /usr/share/man/man1/ils.1.gz
    • /usr/share/man/man1/img_cat.1.gz
    • /usr/share/man/man1/img_stat.1.gz
    • /usr/share/man/man1/istat.1.gz
    • /usr/share/man/man1/jcat.1.gz
    • /usr/share/man/man1/jls.1.gz
    • /usr/share/man/man1/jpeg_extract.1.gz
    • /usr/share/man/man1/mactime.1.gz
    • /usr/share/man/man1/mmcat.1.gz
    • /usr/share/man/man1/mmls.1.gz
    • /usr/share/man/man1/mmstat.1.gz
    • /usr/share/man/man1/sigfind.1.gz
    • /usr/share/man/man1/sorter.1.gz
    • /usr/share/man/man1/srch_strings.1.gz
    • /usr/share/man/man1/tsk_comparedir.1.gz
    • /usr/share/man/man1/tsk_gettimes.1.gz
    • /usr/share/man/man1/tsk_loaddb.1.gz
    • /usr/share/man/man1/tsk_recover.1.gz
    • /usr/share/tsk/sorter/default.sort
    • /usr/share/tsk/sorter/freebsd.sort
    • /usr/share/tsk/sorter/images.sort
    • /usr/share/tsk/sorter/linux.sort
    • /usr/share/tsk/sorter/openbsd.sort
    • /usr/share/tsk/sorter/solaris.sort
    • /usr/share/tsk/sorter/windows.sort

    Changelog

    2015-11-28 - Joao Eriberto Mota Filho <eriberto@debian.org> sleuthkit (4.2.0-3) unstable; urgency=medium * debian/rules: added override_dh_makeshlibs to provide the right package version to dpkg-gensymbols.

    2015-11-16 - Joao Eriberto Mota Filho <eriberto@debian.org> sleuthkit (4.2.0-2) unstable; urgency=medium * Upload to unstable. * debian/libtsk13.symbols: removed a symbol incompatible with arm64.

    2015-11-12 - Joao Eriberto Mota Filho <eriberto@debian.org> sleuthkit (4.2.0-1) experimental; urgency=medium * New upstream release. * Migrations: - Using libtsk13 instead of libtsk10v5. - Generating a new main symbol file (trying a universal format). * debian/clean: removed. The upstream fixed the source code. Thanks! * debian/control: added exFAT in long descriptions. * debian/copyright: - Changed the packaging license from GPL-2+ to BSD-3-Clause to provide full compatibility with upstream. - Reviewed and updated all information about the upstream copyright. - Updated the 'Source' field in header. * debian/gbp.conf: not used by me... Removed. * debian/manpage: - Converted srch_strings.1 to txt2man format. - Little adjustments in *.txt files. - Updated the genallman.sh script. * debian/patches/: - 20_fix_spelling_errors.diff: adjusted. - 30_fix-manpages.diff: adjusted. - 60_add_TSK_IMG_INFO_used_by_pytsk.diff: removed. The upstream fixed the source code. Thanks! * debian/README.source: added information about licensing. * debian/rules: removed a line to specify the SHELL variable. * debian/sleuthkit.docs: renamed README.txt to README.md.

    2015-09-13 - Joao Eriberto Mota Filho <eriberto@debian.org> sleuthkit (4.1.3-12) unstable; urgency=medium * Fixed some symbols.

    2015-08-09 - Joao Eriberto Mota Filho <eriberto@debian.org> sleuthkit (4.1.3-11) unstable; urgency=medium * Renamed library package for new libstdc++6 ABI. * Updated the symbols for kfreebsd-amd64, alpha, m68k, sh4 and sparc64.

    2015-08-05 - Joao Eriberto Mota Filho <eriberto@debian.org> sleuthkit (4.1.3-10) unstable; urgency=medium * Upload to unstable. * Updated all symbols files. (Closes: #791285, #791737)

    2015-08-03 - Joao Eriberto Mota Filho <eriberto@debian.org> sleuthkit (4.1.3-9) experimental; urgency=medium * Re-generating all symbols to avoid a FTBFS with GCC5. This is the first upload to collect necessary changes in each architecture.

    2015-06-22 - Joao Eriberto Mota Filho <eriberto@debian.org> sleuthkit (4.1.3-8) unstable; urgency=medium * Added debian/libtsk10.symbols.mips64el. (Closes: #789603)

    2015-05-16 - Joao Eriberto Mota Filho <eriberto@debian.org> sleuthkit (4.1.3-7) unstable; urgency=medium * Created symbols for alpha and m68k. * Fixed symbols for hppa. * Removed debian-revision from some symbols. * Using symlinks for some symbols.

    2015-05-12 - Joao Eriberto Mota Filho <eriberto@debian.org> sleuthkit (4.1.3-6) unstable; urgency=medium * Upload to unstable. * Created all necessary symbols. * debian/patches/70_fix-FTBFS-HURD.diff: added to fix a FTBFS in HURD.

    Advertisement
    Advertisement