diff options
author | antoine <antoine@FreeBSD.org> | 2014-10-06 04:12:23 +0800 |
---|---|---|
committer | antoine <antoine@FreeBSD.org> | 2014-10-06 04:12:23 +0800 |
commit | 4cc19c8f0410410a521135941b2780e9f7e510cf (patch) | |
tree | 0b13c5315f8f763b595baaec8c9c5914acaba284 /security | |
parent | a47b6637037cba2f0e8e5c76fe488254ba7b7803 (diff) | |
download | freebsd-ports-gnome-4cc19c8f0410410a521135941b2780e9f7e510cf.tar.gz freebsd-ports-gnome-4cc19c8f0410410a521135941b2780e9f7e510cf.tar.zst freebsd-ports-gnome-4cc19c8f0410410a521135941b2780e9f7e510cf.zip |
New port: security/py-rekall
The Rekall Framework is a completely open collection of tools, implemented in
Python under the GNU General Public License, for the extraction of digital
artifacts from volatile memory (RAM) samples. The extraction techniques are
performed completely independent of the system being investigated but offer
visibility into the runtime state of the system. The framework is intended to
introduce people to the techniques and complexities associated with extracting
digital artifacts from volatile memory samples and provide a platform for
further work into this exciting area of research.
WWW: http://www.rekall-forensic.com/
Diffstat (limited to 'security')
-rw-r--r-- | security/Makefile | 1 | ||||
-rw-r--r-- | security/py-rekall/Makefile | 46 | ||||
-rw-r--r-- | security/py-rekall/distinfo | 2 | ||||
-rw-r--r-- | security/py-rekall/pkg-descr | 10 |
4 files changed, 59 insertions, 0 deletions
diff --git a/security/Makefile b/security/Makefile index 18327838c7d5..ca0bd8bae358 100644 --- a/security/Makefile +++ b/security/Makefile @@ -795,6 +795,7 @@ SUBDIR += py-pyptlib SUBDIR += py-pysha3 SUBDIR += py-python-registry + SUBDIR += py-rekall SUBDIR += py-rsa SUBDIR += py-service_identity SUBDIR += py-slowaes diff --git a/security/py-rekall/Makefile b/security/py-rekall/Makefile new file mode 100644 index 000000000000..b35defe95bef --- /dev/null +++ b/security/py-rekall/Makefile @@ -0,0 +1,46 @@ +# Created by: antoine@FreeBSD.org +# $FreeBSD$ + +PORTNAME= rekall +DISTVERSION= 1.1.0.beta +CATEGORIES= security python +MASTER_SITES= CHEESESHOP +PKGNAMEPREFIX= ${PYTHON_PKGNAMEPREFIX} + +MAINTAINER= antoine@FreeBSD.org +COMMENT= Memory forensics analysis framework + +LICENSE= GPLv2 +LICENSE_FILE= ${WRKSRC}/LICENSE.txt + +RUN_DEPENDS= cabextract:${PORTSDIR}/archivers/cabextract \ + ${PYTHON_PKGNAMEPREFIX}acora>=1.8:${PORTSDIR}/textproc/py-acora \ + ${PYTHON_PKGNAMEPREFIX}codegen>=1.0:${PORTSDIR}/devel/py-codegen \ + ${PYTHON_PKGNAMEPREFIX}distorm>=0:${PORTSDIR}/devel/py-distorm \ + ${PYTHON_PKGNAMEPREFIX}Flask>=0.10.1:${PORTSDIR}/www/py-flask \ + ${PYTHON_PKGNAMEPREFIX}Flask-Sockets>=0:${PORTSDIR}/www/py-flask-sockets \ + ${PYTHON_PKGNAMEPREFIX}gevent>=1.0.1:${PORTSDIR}/devel/py-gevent \ + ${PYTHON_PKGNAMEPREFIX}gevent-websocket>=0.9.3:${PORTSDIR}/www/py-gevent-websocket \ + ${PYTHON_PKGNAMEPREFIX}ipython>=2.0.0:${PORTSDIR}/devel/ipython \ + ${PYTHON_PKGNAMEPREFIX}pycrypto>=2.3.1:${PORTSDIR}/security/py-pycrypto \ + ${PYTHON_PKGNAMEPREFIX}pyelftools>=0.21:${PORTSDIR}/devel/py-pyelftools \ + ${PYTHON_PKGNAMEPREFIX}pytz>=2012:${PORTSDIR}/devel/py-pytz \ + ${PYTHON_PKGNAMEPREFIX}yaml>=2.10:${PORTSDIR}/devel/py-yaml \ + ${PYTHON_PKGNAMEPREFIX}yara>=0:${PORTSDIR}/security/py-yara + +USES= python:2 +USE_PYTHON= distutils autoplist + +PORTDOCS= CREDITS.txt LEGAL.txt README.md + +OPTIONS_DEFINE= DOCS + +post-patch: + @${CHMOD} -R a+rX ${WRKSRC} + @${REINPLACE_CMD} '/argparse/d' ${WRKSRC}/setup.py + +post-install: + @${MKDIR} ${STAGEDIR}${DOCSDIR} + ${INSTALL_DATA} ${PORTDOCS:S,^,${WRKSRC}/,} ${STAGEDIR}${DOCSDIR} + +.include <bsd.port.mk> diff --git a/security/py-rekall/distinfo b/security/py-rekall/distinfo new file mode 100644 index 000000000000..b9a0744d9834 --- /dev/null +++ b/security/py-rekall/distinfo @@ -0,0 +1,2 @@ +SHA256 (rekall-1.1.0.beta.tar.gz) = 2815ec19aefe7c3ef48a49b5a054f0c8d9242cc9855e525a2ea872ff3da2f4d6 +SIZE (rekall-1.1.0.beta.tar.gz) = 3510576 diff --git a/security/py-rekall/pkg-descr b/security/py-rekall/pkg-descr new file mode 100644 index 000000000000..8944d2dc81df --- /dev/null +++ b/security/py-rekall/pkg-descr @@ -0,0 +1,10 @@ +The Rekall Framework is a completely open collection of tools, implemented in +Python under the GNU General Public License, for the extraction of digital +artifacts from volatile memory (RAM) samples. The extraction techniques are +performed completely independent of the system being investigated but offer +visibility into the runtime state of the system. The framework is intended to +introduce people to the techniques and complexities associated with extracting +digital artifacts from volatile memory samples and provide a platform for +further work into this exciting area of research. + +WWW: http://www.rekall-forensic.com/ |