-rw-r--r-- | security/Makefile | 1 | ||||
-rw-r--r-- | security/py-rekall/Makefile | 46 | ||||
-rw-r--r-- | security/py-rekall/distinfo | 2 | ||||
-rw-r--r-- | security/py-rekall/pkg-descr | 10 |
4 files changed, 59 insertions, 0 deletions
diff --git a/security/Makefile b/security/Makefile
index 18327838c7d5..ca0bd8bae358 100644
--- a/security/Makefile
+++ b/security/Makefile
@@ -795,6 +795,7 @@
 SUBDIR += py-pyptlib
 SUBDIR += py-pysha3
 SUBDIR += py-python-registry
+ SUBDIR += py-rekall
 SUBDIR += py-rsa
 SUBDIR += py-service_identity
 SUBDIR += py-slowaes
diff --git a/security/py-rekall/Makefile b/security/py-rekall/Makefile
new file mode 100644
index 000000000000..b35defe95bef
--- /dev/null
+++ b/security/py-rekall/Makefile
@@ -0,0 +1,46 @@
+# Created by: antoine@FreeBSD.org
+# $FreeBSD$
+
+PORTNAME= rekall
+DISTVERSION= 1.1.0.beta
+CATEGORIES= security python
+MASTER_SITES= CHEESESHOP
+PKGNAMEPREFIX= ${PYTHON_PKGNAMEPREFIX}
+
+MAINTAINER= antoine@FreeBSD.org
+COMMENT= Memory forensics analysis framework
+
+LICENSE= GPLv2
+LICENSE_FILE= ${WRKSRC}/LICENSE.txt
+
+RUN_DEPENDS= cabextract:${PORTSDIR}/archivers/cabextract \
+ ${PYTHON_PKGNAMEPREFIX}acora>=1.8:${PORTSDIR}/textproc/py-acora \
+ ${PYTHON_PKGNAMEPREFIX}codegen>=1.0:${PORTSDIR}/devel/py-codegen \
+ ${PYTHON_PKGNAMEPREFIX}distorm>=0:${PORTSDIR}/devel/py-distorm \
+ ${PYTHON_PKGNAMEPREFIX}Flask>=0.10.1:${PORTSDIR}/www/py-flask \
+ ${PYTHON_PKGNAMEPREFIX}Flask-Sockets>=0:${PORTSDIR}/www/py-flask-sockets \
+ ${PYTHON_PKGNAMEPREFIX}gevent>=1.0.1:${PORTSDIR}/devel/py-gevent \
+ ${PYTHON_PKGNAMEPREFIX}gevent-websocket>=0.9.3:${PORTSDIR}/www/py-gevent-websocket \
+ ${PYTHON_PKGNAMEPREFIX}ipython>=2.0.0:${PORTSDIR}/devel/ipython \
+ ${PYTHON_PKGNAMEPREFIX}pycrypto>=2.3.1:${PORTSDIR}/security/py-pycrypto \
+ ${PYTHON_PKGNAMEPREFIX}pyelftools>=0.21:${PORTSDIR}/devel/py-pyelftools \
+ ${PYTHON_PKGNAMEPREFIX}pytz>=2012:${PORTSDIR}/devel/py-pytz \
+ ${PYTHON_PKGNAMEPREFIX}yaml>=2.10:${PORTSDIR}/devel/py-yaml \
+ ${PYTHON_PKGNAMEPREFIX}yara>=0:${PORTSDIR}/security/py-yara
+
+USES= python:2
+USE_PYTHON= distutils autoplist
+
+PORTDOCS= CREDITS.txt LEGAL.txt README.md
+
+OPTIONS_DEFINE= DOCS
+
+post-patch:
+ @${CHMOD} -R a+rX ${WRKSRC}
+ @${REINPLACE_CMD} '/argparse/d' ${WRKSRC}/setup.py
+
+post-install:
+ @${MKDIR} ${STAGEDIR}${DOCSDIR}
+ ${INSTALL_DATA} ${PORTDOCS:S,^,${WRKSRC}/,} ${STAGEDIR}${DOCSDIR}
+
+.include <bsd.port.mk>
diff --git a/security/py-rekall/distinfo b/security/py-rekall/distinfo
new file mode 100644
index 000000000000..b9a0744d9834
--- /dev/null
+++ b/security/py-rekall/distinfo
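Review bot: The `'/argparse/d'` edit in post-patch of security/py-rekall/Makefile deletes every line of setup.py that mentions argparse, and nothing in the Makefile says why or checks that it matched what was intended. Presumably it drops an argparse entry from the install requirements because Python 2.7 ships the module, but an unanchored pattern would also remove an `import argparse` or a comment, and it becomes a silent no-op if upstream rewords the line. I would add a comment such as `# argparse is in the Python 2.7 stdlib; drop it from setup.py's requirements` and narrow the pattern to the requirement line once confirmed against the distfile. The preceding `${CHMOD} -R a+rX ${WRKSRC}` deserves a similar one-line reason (likely restrictive modes in the tarball), since it widens permissions on the whole extracted tree. Separately, post-install copies PORTDOCS unconditionally although DOCS is declared in OPTIONS_DEFINE, so the copy should probably be guarded by that option.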
@@ -0,0 +1,2 @@
+SHA256 (rekall-1.1.0.beta.tar.gz) = 2815ec19aefe7c3ef48a49b5a054f0c8d9242cc9855e525a2ea872ff3da2f4d6
+SIZE (rekall-1.1.0.beta.tar.gz) = 3510576
diff --git a/security/py-rekall/pkg-descr b/security/py-rekall/pkg-descr
new file mode 100644
index 000000000000..8944d2dc81df
--- /dev/null
+++ b/security/py-rekall/pkg-descr
@@ -0,0 +1,10 @@
+The Rekall Framework is a completely open collection of tools, implemented in
+Python under the GNU General Public License, for the extraction of digital
+artifacts from volatile memory (RAM) samples. The extraction techniques are
+performed completely independent of the system being investigated but offer
+visibility into the runtime state of the system. The framework is intended to
+introduce people to the techniques and complexities associated with extracting
+digital artifacts from volatile memory samples and provide a platform for
+further work into this exciting area of research.
+
+WWW: http://www.rekall-forensic.com/ |