authorantoine <antoine@FreeBSD.org>2014-10-06 04:12:23 +0800
committerantoine <antoine@FreeBSD.org>2014-10-06 04:12:23 +0800
commit4cc19c8f0410410a521135941b2780e9f7e510cf (patch)
tree0b13c5315f8f763b595baaec8c9c5914acaba284 /security
parenta47b6637037cba2f0e8e5c76fe488254ba7b7803 (diff)
New port: security/py-rekall
The Rekall Framework is a completely open collection of tools, implemented in Python under the GNU General Public License, for the extraction of digital artifacts from volatile memory (RAM) samples. The extraction techniques are performed completely independent of the system being investigated but offer visibility into the runtime state of the system. The framework is intended to introduce people to the techniques and complexities associated with extracting digital artifacts from volatile memory samples and provide a platform for further work into this exciting area of research. WWW: http://www.rekall-forensic.com/
Diffstat (limited to 'security')
-rw-r--r--security/Makefile1
-rw-r--r--security/py-rekall/Makefile46
-rw-r--r--security/py-rekall/distinfo2
-rw-r--r--security/py-rekall/pkg-descr10
4 files changed, 59 insertions, 0 deletions
diff --git a/security/Makefile b/security/Makefile
index 18327838c7d5..ca0bd8bae358 100644
--- a/security/Makefile
+++ b/security/Makefile
@@ -795,6 +795,7 @@
SUBDIR += py-pyptlib
SUBDIR += py-pysha3
SUBDIR += py-python-registry
+ SUBDIR += py-rekall
SUBDIR += py-rsa
SUBDIR += py-service_identity
SUBDIR += py-slowaes
diff --git a/security/py-rekall/Makefile b/security/py-rekall/Makefile
new file mode 100644
index 000000000000..b35defe95bef
--- /dev/null
+++ b/security/py-rekall/Makefile
@@ -0,0 +1,46 @@
+# Created by: antoine@FreeBSD.org
+# $FreeBSD$
+
+PORTNAME= rekall
+DISTVERSION= 1.1.0.beta
+CATEGORIES= security python
+MASTER_SITES= CHEESESHOP
+PKGNAMEPREFIX= ${PYTHON_PKGNAMEPREFIX}
+
+MAINTAINER= antoine@FreeBSD.org
+COMMENT= Memory forensics analysis framework
+
+LICENSE= GPLv2
+LICENSE_FILE= ${WRKSRC}/LICENSE.txt
+
+RUN_DEPENDS= cabextract:${PORTSDIR}/archivers/cabextract \
+ ${PYTHON_PKGNAMEPREFIX}acora>=1.8:${PORTSDIR}/textproc/py-acora \
+ ${PYTHON_PKGNAMEPREFIX}codegen>=1.0:${PORTSDIR}/devel/py-codegen \
+ ${PYTHON_PKGNAMEPREFIX}distorm>=0:${PORTSDIR}/devel/py-distorm \
+ ${PYTHON_PKGNAMEPREFIX}Flask>=0.10.1:${PORTSDIR}/www/py-flask \
+ ${PYTHON_PKGNAMEPREFIX}Flask-Sockets>=0:${PORTSDIR}/www/py-flask-sockets \
+ ${PYTHON_PKGNAMEPREFIX}gevent>=1.0.1:${PORTSDIR}/devel/py-gevent \
+ ${PYTHON_PKGNAMEPREFIX}gevent-websocket>=0.9.3:${PORTSDIR}/www/py-gevent-websocket \
+ ${PYTHON_PKGNAMEPREFIX}ipython>=2.0.0:${PORTSDIR}/devel/ipython \
+ ${PYTHON_PKGNAMEPREFIX}pycrypto>=2.3.1:${PORTSDIR}/security/py-pycrypto \
+ ${PYTHON_PKGNAMEPREFIX}pyelftools>=0.21:${PORTSDIR}/devel/py-pyelftools \
+ ${PYTHON_PKGNAMEPREFIX}pytz>=2012:${PORTSDIR}/devel/py-pytz \
+ ${PYTHON_PKGNAMEPREFIX}yaml>=2.10:${PORTSDIR}/devel/py-yaml \
+ ${PYTHON_PKGNAMEPREFIX}yara>=0:${PORTSDIR}/security/py-yara
+
+USES= python:2
+USE_PYTHON= distutils autoplist
+
+PORTDOCS= CREDITS.txt LEGAL.txt README.md
+
+OPTIONS_DEFINE= DOCS
+
+post-patch:
+ @${CHMOD} -R a+rX ${WRKSRC}
+ @${REINPLACE_CMD} '/argparse/d' ${WRKSRC}/setup.py
+
+post-install:
+ @${MKDIR} ${STAGEDIR}${DOCSDIR}
+ ${INSTALL_DATA} ${PORTDOCS:S,^,${WRKSRC}/,} ${STAGEDIR}${DOCSDIR}
+
+.include <bsd.port.mk>
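Review bot: The `post-install` recipe copies `${PORTDOCS}` into `${STAGEDIR}${DOCSDIR}` unconditionally even though the port declares `OPTIONS_DEFINE= DOCS`, so a build with DOCS switched off would still stage CREDITS.txt, LEGAL.txt and README.md, presumably without them being registered in the package list. Guarding the two recipe lines on the option keeps the staged tree and the plist in agreement: add `.include <bsd.port.options.mk>` after `OPTIONS_DEFINE`, then wrap the `post-install` target in `.if ${PORT_OPTIONS:MDOCS}` and `.endif`. Separately, the `post-patch` edit `'/argparse/d'` deletes every line of `setup.py` that mentions argparse and carries no explanation. A comment above it, such as `# argparse ships with Python 2.7; drop it from setup.py's requirements`, would tell the next maintainer what to re-check when `DISTVERSION` changes, assuming that is indeed the reason for the edit.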
diff --git a/security/py-rekall/distinfo b/security/py-rekall/distinfo
new file mode 100644
index 000000000000..b9a0744d9834
--- /dev/null
+++ b/security/py-rekall/distinfo
@@ -0,0 +1,2 @@
+SHA256 (rekall-1.1.0.beta.tar.gz) = 2815ec19aefe7c3ef48a49b5a054f0c8d9242cc9855e525a2ea872ff3da2f4d6
+SIZE (rekall-1.1.0.beta.tar.gz) = 3510576
diff --git a/security/py-rekall/pkg-descr b/security/py-rekall/pkg-descr
new file mode 100644
index 000000000000..8944d2dc81df
--- /dev/null
+++ b/security/py-rekall/pkg-descr
@@ -0,0 +1,10 @@
+The Rekall Framework is a completely open collection of tools, implemented in
+Python under the GNU General Public License, for the extraction of digital
+artifacts from volatile memory (RAM) samples. The extraction techniques are
+performed completely independent of the system being investigated but offer
+visibility into the runtime state of the system. The framework is intended to
+introduce people to the techniques and complexities associated with extracting
+digital artifacts from volatile memory samples and provide a platform for
+further work into this exciting area of research.
+
+WWW: http://www.rekall-forensic.com/