| Key | Value |
|---|---|
| FileName | ./usr/bin/mactime |
| FileSize | 27268 |
| MD5 | 6959CF6C9CBD1A2FFE7C568411FB0473 |
| SHA-1 | 06555E400CB915A746883B7DE9F2AEA103A58DEF |
| SHA-256 | 8D77BC67A33C5C54531CC3D7242DFC3E5A8E0587D742C15967A240DB9ED52551 |
| SSDEEP | 384:LoIDBrZZzsy5W1L+ndOdCKA+TxZzVS1OMTp9tusCTnnw6pX:BBbsyjOTA4FVS1OMVvu3bw6V |
| TLSH | T198C295286DE7C6364277B8292BDEB0D46B66C10B2148AF157C5D62CD6F89435C2FCBE0 |
| tar:gname | root |
| tar:uname | root |
| hashlookup:parent-total | 26 |
| hashlookup:trust | 100 |
The searched file hash is included in 26 parent files which include package known and seen by metalookup. A sample is included below:
| Key | Value |
|---|---|
| FileSize | 307600 |
| MD5 | C13A8F96D498FAF2B1D63CA8CE22D7FB |
| PackageDescription | tools for forensics analysis on volume and filesystem data The Sleuth Kit, also known as TSK, is a collection of UNIX-based command line file and volume system forensic analysis tools. The filesystem tools allow you to examine filesystems of a suspect computer in a non-intrusive fashion. Because the tools do not rely on the operating system to process the filesystems, deleted and hidden content is shown. . The volume system (media management) tools allow you to examine the layout of disks and other media. You can also recover deleted files, get information stored in slack spaces, examine filesystems journal, see partitions layout on disks or images etc. But is very important clarify that the TSK acts over the current filesystem only. . The Sleuth Kit supports DOS partitions, BSD partitions (disk labels), Mac partitions, Sun slices (Volume Table of Contents), and GPT disks. With these tools, you can identify where partitions are located and extract them so that they can be analyzed with filesystem analysis tools. . Currently, TSK supports several filesystems, as NTFS, FAT, exFAT, HFS+, Ext3, Ext4, UFS and YAFFS2. . This package contains the set of command line tools in The Sleuth Kit. |
| PackageMaintainer | Debian Security Tools <team+pkg-security@tracker.debian.org> |
| PackageName | sleuthkit |
| PackageSection | admin |
| PackageVersion | 4.10.1+dfsg-1 |
| SHA-1 | 0190B6355C3E4D35E0A063988E0128FE17C5B5D1 |
| SHA-256 | 677BDD835B29935EA53F65640C677E655D89AA893DA467DA9046ECA6B0005273 |
| Key | Value |
|---|---|
| MD5 | C6BD145D936B4FEDDBF77CAE1DE4C1E2 |
| PackageArch | armv7hl |
| PackageDescription | The Sleuth Kit (TSK) is a collection of UNIX-based command line tools that allow you to investigate a computer. The current focus of the tools is the file and volume systems and TSK supports FAT, Ext2/3, NTFS, UFS, and ISO 9660 file systems |
| PackageMaintainer | Fedora Project |
| PackageName | sleuthkit |
| PackageRelease | 2.fc34 |
| PackageVersion | 4.10.1 |
| SHA-1 | 086E9AD9DD81FBD7749B7D4CC4C18948994C3DBA |
| SHA-256 | 42DD94616E39D1693A4CF02F6D027C6726B08C7672584263030A5C5F60714A94 |
| Key | Value |
|---|---|
| MD5 | 5D763AF302231B5A1BDD90DFFF688EBB |
| PackageArch | x86_64 |
| PackageDescription | The Sleuth Kit (TSK) is a collection of UNIX-based command line tools that allow you to investigate a computer. The current focus of the tools is the file and volume systems and TSK supports FAT, Ext2/3, NTFS, UFS, and ISO 9660 file systems |
| PackageMaintainer | Fedora Project |
| PackageName | sleuthkit |
| PackageRelease | 2.fc34 |
| PackageVersion | 4.10.1 |
| SHA-1 | 0B682625D30ACC53B5E7D68A7E0924CDDDA6B3C9 |
| SHA-256 | 63CA9FA770E40C5AC11D3DB5946549BA21616E44F2E65AE1C4C32E140AF5B5D6 |
| Key | Value |
|---|---|
| MD5 | 2CD9D02191F6EC90EBCDDB6FC436A56D |
| PackageArch | armv7hl |
| PackageDescription | The Sleuth Kit (previously known as TASK) is a collection of UNIX-based command line file system forensic tools that allow an investigator to examine NTFS, FAT, FFS, EXT2FS, EXT3FS and ExFAT file systems of a suspect computer in a non-intrusive fashion. The tools have a layer-based design and can extract data from internal file system structures. Because the tools do not rely on the operating system to process the file systems, deleted and hidden content is shown. When performing a complete analysis of a system, command line tools can become tedious. The Autopsy Forensic Browser is a graphical interface to the tools in The Sleuth Kit, which allows one to more easily conduct an investigation. Autopsy provides case management, image integrity, keyword searching, and other automated operations. |
| PackageMaintainer | daviddavid <daviddavid> |
| PackageName | sleuthkit |
| PackageRelease | 1.mga8 |
| PackageVersion | 4.10.1 |
| SHA-1 | 266D2F30C737D3651085B75EC8BD34025F7E33BE |
| SHA-256 | 275ABCABF1F3B2B2E5A12C8565089D51EE41752C3126C3B04A5A3D5C5A403C23 |
| Key | Value |
|---|---|
| FileName | https://ftp.lysator.liu.se/pub/OpenBSD/6.9/packages//i386//sleuthkit-4.10.1.tgz |
| MD5 | 9D6D7405EE2FCDD64523AA672EED596E |
| SHA-1 | 27461FED635175335E54C9135428683580D131B7 |
| SHA-256 | 76A443589415CEC968182E0FAA38B56A8576701D6FB1E0787143C0BDA0DBB291 |
| SSDEEP | 196608:hPQ17kcOOhGsW6YnGf747jgeGOqdGSCvKogwS8zWufgTMJHVj:RQ17bB3W6Yy7sOTGSCSo5XfgT61j |
| TLSH | T14F7633029D303E27CD52B5566076206758594FAAC7FF363A714C22DA2677E060CBEF2E |
| Key | Value |
|---|---|
| FileSize | 351916 |
| MD5 | 190C26EB1DF825C850101754B5B5F938 |
| PackageDescription | tools for forensics analysis on volume and filesystem data The Sleuth Kit, also known as TSK, is a collection of UNIX-based command line file and volume system forensic analysis tools. The filesystem tools allow you to examine filesystems of a suspect computer in a non-intrusive fashion. Because the tools do not rely on the operating system to process the filesystems, deleted and hidden content is shown. . The volume system (media management) tools allow you to examine the layout of disks and other media. You can also recover deleted files, get information stored in slack spaces, examine filesystems journal, see partitions layout on disks or images etc. But is very important clarify that the TSK acts over the current filesystem only. . The Sleuth Kit supports DOS partitions, BSD partitions (disk labels), Mac partitions, Sun slices (Volume Table of Contents), and GPT disks. With these tools, you can identify where partitions are located and extract them so that they can be analyzed with filesystem analysis tools. . Currently, TSK supports several filesystems, as NTFS, FAT, exFAT, HFS+, Ext3, Ext4, UFS and YAFFS2. . This package contains the set of command line tools in The Sleuth Kit. |
| PackageMaintainer | Debian Security Tools <team+pkg-security@tracker.debian.org> |
| PackageName | sleuthkit |
| PackageSection | admin |
| PackageVersion | 4.10.1+dfsg-1 |
| SHA-1 | 28538F3B9B33F48357279B0477EC82FB7B833911 |
| SHA-256 | 7974478CBE0B97C06B8A91E73586BF27DE118D5F49793B5DC10CE008D93B48AE |
| Key | Value |
|---|---|
| FileSize | 330376 |
| MD5 | 0EA5236DBE0DF2A3E967A5EA410DFDB7 |
| PackageDescription | tools for forensics analysis on volume and filesystem data The Sleuth Kit, also known as TSK, is a collection of UNIX-based command line file and volume system forensic analysis tools. The filesystem tools allow you to examine filesystems of a suspect computer in a non-intrusive fashion. Because the tools do not rely on the operating system to process the filesystems, deleted and hidden content is shown. . The volume system (media management) tools allow you to examine the layout of disks and other media. You can also recover deleted files, get information stored in slack spaces, examine filesystems journal, see partitions layout on disks or images etc. But is very important clarify that the TSK acts over the current filesystem only. . The Sleuth Kit supports DOS partitions, BSD partitions (disk labels), Mac partitions, Sun slices (Volume Table of Contents), and GPT disks. With these tools, you can identify where partitions are located and extract them so that they can be analyzed with filesystem analysis tools. . Currently, TSK supports several filesystems, as NTFS, FAT, exFAT, HFS+, Ext3, Ext4, UFS and YAFFS2. . This package contains the set of command line tools in The Sleuth Kit. |
| PackageMaintainer | Ubuntu Developers <ubuntu-devel-discuss@lists.ubuntu.com> |
| PackageName | sleuthkit |
| PackageSection | admin |
| PackageVersion | 4.10.1+dfsg-1 |
| SHA-1 | 3432A5B5CAB34A4F2E0328ACE1C7DC9FD7994723 |
| SHA-256 | B4D7F28FCA6CB599FC4B832456EFF2629530E79D93B538DA7A6CEA78314C5B57 |
| Key | Value |
|---|---|
| FileName | https://ftp.lysator.liu.se/pub/OpenBSD/6.9/packages//amd64//sleuthkit-4.10.1.tgz |
| MD5 | CCB66A63CAECF6ADC205317FEBA7BDCB |
| SHA-1 | 35CBCA858763273F536DD1B381D29343AC46D125 |
| SHA-256 | B0C4E4A7490541AAE7A5D9972AE8402EEEC5AEA409717803E957787E930C0916 |
| SSDEEP | 196608:BOrdx5Mk2ffTb10WDrcYg2OzUFeuPg+nHZBedvPhevsmPKwC/KjRmB:BOpEDfT2WDrrg5UQuBedvPhksmQ/0RmB |
| TLSH | T18D7633D4823BF56BC665FD72E43EA52B2D9E31343C3411F6D68E6C28EEB44945083B1A |
| Key | Value |
|---|---|
| FileSize | 319448 |
| MD5 | 327493D441770E95450FCEEEA27AB5E4 |
| PackageDescription | tools for forensics analysis on volume and filesystem data The Sleuth Kit, also known as TSK, is a collection of UNIX-based command line file and volume system forensic analysis tools. The filesystem tools allow you to examine filesystems of a suspect computer in a non-intrusive fashion. Because the tools do not rely on the operating system to process the filesystems, deleted and hidden content is shown. . The volume system (media management) tools allow you to examine the layout of disks and other media. You can also recover deleted files, get information stored in slack spaces, examine filesystems journal, see partitions layout on disks or images etc. But is very important clarify that the TSK acts over the current filesystem only. . The Sleuth Kit supports DOS partitions, BSD partitions (disk labels), Mac partitions, Sun slices (Volume Table of Contents), and GPT disks. With these tools, you can identify where partitions are located and extract them so that they can be analyzed with filesystem analysis tools. . Currently, TSK supports several filesystems, as NTFS, FAT, exFAT, HFS+, Ext3, Ext4, UFS and YAFFS2. . This package contains the set of command line tools in The Sleuth Kit. |
| PackageMaintainer | Debian Security Tools <team+pkg-security@tracker.debian.org> |
| PackageName | sleuthkit |
| PackageSection | admin |
| PackageVersion | 4.10.1+dfsg-1 |
| SHA-1 | 3FBA580FC63AF2D604E06FA3EFFAC6A56C0C4BB2 |
| SHA-256 | 983CD85C78AC8AF28F3DFD9EB1A85FF4AC2626C8F6323A1DE35ED7DCCD0FD0AB |
| Key | Value |
|---|---|
| MD5 | 2297367B1F50D76B42B2F6F9A4352B06 |
| PackageArch | x86_64 |
| PackageDescription | The Sleuth Kit (previously known as TASK) is a collection of UNIX-based command line file system forensic tools that allow an investigator to examine NTFS, FAT, FFS, EXT2FS, EXT3FS and ExFAT file systems of a suspect computer in a non-intrusive fashion. The tools have a layer-based design and can extract data from internal file system structures. Because the tools do not rely on the operating system to process the file systems, deleted and hidden content is shown. When performing a complete analysis of a system, command line tools can become tedious. The Autopsy Forensic Browser is a graphical interface to the tools in The Sleuth Kit, which allows one to more easily conduct an investigation. Autopsy provides case management, image integrity, keyword searching, and other automated operations. |
| PackageMaintainer | daviddavid <daviddavid> |
| PackageName | sleuthkit |
| PackageRelease | 1.mga8 |
| PackageVersion | 4.10.1 |
| SHA-1 | 40989F605DD901382EC6EEB276B986E53FF38B79 |
| SHA-256 | 98F0C60CC090957DF5042B00CA404A7126C8834B0F6A8FABFA508C29D66A2DED |