Paket: plaso (20190131-1)

Links für plaso

Debian-Ressourcen:

Quellcode-Paket plaso herunterladen:

Betreuer:

Externe Ressourcen:

Homepage [plaso.kiddaland.net]

super timeline all the things

Plaso (plaso langar að safna öllu) is the Python based back-end engine used by tools such as log2timeline for automatic creation of a super timelines. The goal of log2timeline (and thus plaso) is to provide a single tool that can parse various log files and forensic artifacts from computers and related systems, such as network equipment to produce a single correlated timeline. This timeline can then be easily analysed by forensic investigators/analysts, speeding up investigations by correlating the vast amount of information found on an average computer system.

Andere Pakete mit Bezug zu plaso

hängt ab von

empfiehlt

schlägt vor

erweitert

dep: python

Interaktive objektorientierte Hochsprache (Python2-Version)
dep: python-artifacts (>= 20170818)

knowledge base of forensic artifacts (Python 2)
dep: python-biplist (>= 1.0.3)

Python 2 library for reading/writing Mac OS X binary plists
dep: python-certifi (>= 2016.9.26)

Root-Zertifikate für die Validierung von SSL-Zertifikaten und Überprüfung von TLS-Hosts
dep: python-chardet (>= 2.0.1)

Universelles Erkennungsprogramm für Zeichensatz-Codierungen für Python2
dep: python-crypto (>= 2.6)

Kryptografische Algorithmen und Protokolle für Python
dep: python-dateutil (>= 1.5)

Leistungsfähige Erweiterungen für das Python-Standardmodul datetime
dep: python-dfdatetime (>= 20180704)

Digital Forensics date and time library for Python 2
dep: python-dfvfs (>= 20181209)

Digital Forensics Virtual File System
dep: python-dfwinreg (>= 20180712)

Digital Forensics Windows Registry library for Python 2
dep: python-dtfabric (>= 20181128)

Tooling for data type and structure management - Python 2.x
dep: python-efilter (>= 1.5)

EFILTER query language (Python 2)
dep: python-elasticsearch (>= 5.4.0)

Python client for Elasticsearch
dep: python-fsapfs (>= 20181205)

APFS access library -- Python 2 bindings
dep: python-future

single-source support for Python 3 and 2 - Python 2.x
dep: python-hachoir-core (>= 1.3.3)

Core of Hachoir framework: parse and edit binary files
dep: python-hachoir-metadata (>= 1.3.3)

Program to extract metadata using Hachoir library
dep: python-hachoir-parser (>= 1.3.4)

Package of Hachoir parsers used to open binary files
dep: python-idna

Python-Handhabung von IDNA2008 (RFC 5891) - Python 2
dep: python-libbde (>= 20140531)

BitLocker Drive Encryption access library -- Python 2 bindings
dep: python-libesedb (>= 20150409)

Extensible Storage Engine DB access library -- Python 2 bindings
dep: python-libevt (>= 20120410)

Windows Event Log (EVT) format access library -- Python 2 bindings
dep: python-libevtx (>= 20141112)

Windows XML Event Log format access library -- Python 2 bindings
dep: python-libewf (>= 20131210)

support for Expert Witness Compression format -- Python 2 bindings
dep: python-libfsntfs (>= 20151130)

NTFS access library -- Python 2 bindings
dep: python-libfvde (>= 20160719)

FileVault Drive Encryption access library -- Python 2 bindings
dep: python-libfwnt (>= 20160418)

Windows NT data type library -- Python 2 bindings
dep: python-libfwsi (>= 20150606)

Windows Shell Item format access library -- Python 2 bindings
dep: python-liblnk (>= 20150830)

Windows Shortcut File format access library -- Python 2 bindings
dep: python-libmsiecf (>= 20150314)

Microsoft Internet Explorer Cache File access library -- Python 2 bindings
dep: python-libolecf (>= 20151223)

OLE2 Compound File format access library -- Python 2 bindings
dep: python-libqcow (>= 20131204)

QEMU Copy-On-Write image format access library -- Python 2 bindings
dep: python-libregf (>= 20150315)

Windows NT Registry File (REGF) format access library -- Python 2 bindings
dep: python-libscca (>= 20151226)

Windows Prefetch File access library -- Python 2 bindings
dep: python-libsigscan (>= 20150627)

binary signature scanning library -- Python 2 bindings
dep: python-libsmdev (>= 20140529)

storage media device access library -- Python 2 bindings
dep: python-libsmraw (>= 20140612)

split RAW image format access library -- Python 2 bindings
dep: python-libvhdi (>= 20131210)

Virtual Hard Disk image format access library -- Python 2 bindings
dep: python-libvmdk (>= 20140421)

VMWare Virtual Disk format access library -- Python 2 bindings
dep: python-libvshadow (>= 20160109)

Volume Shadow Snapshot format access library -- Python 2 bindings
dep: python-libvslvm (>= 20160109)

Linux LVM volume system format access library -- Python 2 bindings
dep: python-lz4

Python interface to the lz4 compression library
dep: python-lzma

Python bindings for liblzma
dep: python-pefile

Modul zum Parsen von Portable Executable (PE) für Python
dep: python-psutil (>= 1.2.1)

Modul mit komfortablen Funktionen für die Prozessverwaltung
dep: python-pyparsing (>= 2.0.3)

Alternative zur Erzeugung und Ausführung einfacher Grammatiken - Python 2.7
dep: python-requests (>= 2.2.1)

Elegante und einfache Python2-HTTP-Bibliothek, für Menschen gebaut
dep: python-six (>= 1.1.0)

Bibliothek für die Kompatibilität von Python 2 und 3 (Python-2-Schnittstelle)
dep: python-tsk (>= 20160721)

Python Bindings for The Sleuth Kit
dep: python-tz

Python-Version der Olson-Zeitzonendatenbank
dep: python-urllib3

Python-HTTP-Bibliothek mit thread-sicherer Wiederverwendung von Verbindungen
dep: python-xlsxwriter (>= 0.9.3)

Python module for creating Excel XLSX files
dep: python-yaml (>= 3.10)

Python-Parser und -Emitter für YAML
dep: python-yara (>= 3.4.0)

Python 2 bindings for YARA
dep: python-zmq (>= 2.1.11)

Python-Anbindungen für die 0MQ-Bibliothek

plaso herunterladen

Download für alle verfügbaren Architekturen
Architektur	Paketgröße	Größe (installiert)	Dateien
all	1.167,0 kB	10.092,0 kB	[Liste der Dateien]