deb_control_files:
- control
- md5sums
deb_fields:
Architecture: all
Depends: forensics-samples-tools
Description: |-
Set of files to help learn/test forensics tools and techniques (multiple FS)
forensics-samples is a set of useful files to help to learn or test forensics
tools and techniques. These files are examples of pictures, filesystems and
other possible artifacts as memory dumps (not available yet).
.
forensics-samples is useful for students and CI tests. The main intent of this
work is provide a standardized set of files to avoid time waste in some tasks
when learning about forensics or testing tools.
.
There are some filesystem images available (currently: ext2, ext4, btrfs,
NTFS, FAT2 (vfat) and exFAT). Inside each filesystem image, all files from
"original-files" directory were copied and, after this, all directories ending
with "2" in their names were deleted. Is possible use tools to analyse the
files and their metadata or carvers to recover deleted files.
.
On Debian, forensics-samples also is useful to provide files to be used by
other packages in CI tests (autopkgtest), making several source-packages
smallest (e.g.: metacam, ext4magic, foremost, magicrescue, disktype, etc).
All you need is use it as a dependency for your test in
debian/tests/control file.
.
This package provides an image called fs.multiple. This disk image has 4
partitions with the following filesystems: btrfs, ext4, exFAT and NTFS.
Homepage: https://github.com/eribertomota/forensics-samples
Installed-Size: '321'
Maintainer: Debian Security Tools <team+pkg-security@tracker.debian.org>
Multi-Arch: foreign
Package: forensics-samples-multiple
Priority: optional
Section: utils
Source: forensics-samples
Suggests: forensics-samples-all, forensics-samples-btrfs, forensics-samples-exfat,
forensics-samples-ext2, forensics-samples-files, forensics-samples-ntfs, forensics-samples-vfat
Version: 1.1.4-5
srcpkg_name: forensics-samples
srcpkg_version: 1.1.4-5