deb_control_files:
- control
- md5sums
deb_fields:
Architecture: all
Depends: forensics-samples-tools
Description: |-
Set of files to help learn/test forensics tools and techniques (ext4)
forensics-samples is a set of useful files to help to learn or test forensics
tools and techniques. These files are examples of pictures, filesystems and
other possible artifacts as memory dumps (not available yet).
.
forensics-samples is useful for students and CI tests. The main intent of this
work is provide a standardized set of files to avoid time waste in some tasks
when learning about forensics or testing tools.
.
There are some filesystem images available (currently: ext2, ext4, btrfs,
NTFS, FAT2 (vfat) and exFAT). Inside each filesystem image, all files from
"original-files" directory were copied and, after this, all directories ending
with "2" in their names were deleted. Is possible use tools to analyse the
files and their metadata or carvers to recover deleted files.
.
On Debian, forensics-samples also is useful to provide files to be used by
other packages in CI tests (autopkgtest), making several source-packages
smallest (e.g.: metacam, ext4magic, foremost, magicrescue, disktype, etc).
All you need is use it as a dependency for your test in
debian/tests/control file.
.
This package provides an image of an ext4 filesystem.
Homepage: https://github.com/eribertomota/forensics-samples
Installed-Size: '29613'
Maintainer: Debian Security Tools <team+pkg-security@tracker.debian.org>
Multi-Arch: foreign
Package: forensics-samples-ext4
Priority: optional
Section: utils
Source: forensics-samples
Suggests: forensics-samples-all, forensics-samples-btrfs, forensics-samples-exfat,
forensics-samples-ext2, forensics-samples-files, forensics-samples-multiple, forensics-samples-ntfs,
forensics-samples-vfat
Version: 1.1.4-5
srcpkg_name: forensics-samples
srcpkg_version: 1.1.4-5