rsnapshot is a filesystem snapshot utility for making backups of local
and remote systems. Using rsync and hard links, it is possible to keep
multiple, full backups instantly available. The disk space required is
just a little more than the space of one full backup, plus
incrementals. Depending on your configuration, it is quite possible to
set up in just a few minutes. Files can be restored by the users who
own them, without the root user getting involved. There are no tapes to
change, so once it's set up, you may never need to think about it
again.

MACRO SPITBOL is the best-ever implementation of the SNOBOL4 programming language, the language defined by The Green Book.

Written in the 1970's, MACRO SPITBOL is coded in MINIMAL, an assembly language for an abstract machine. The instruction set is carefully defined to allow some latitude in its implementation, so that hardware operations favorable to string processing can be exploited.

The principal author is Prof. Robert B. K. Dewar of the Courant Institute of Mathematical Sciences (CIMS), at New York University. Robert is also well-known for his work on the Ada programming language, and is a co-founder of AdaCore.

Fast, simple packet creation / parsing, with definitions for the basic TCP/IP
protocols.

Python bindings for FUSE (User space File System)

pefile is a multi-platform Python module to read and work with Portable Executable (aka PE) files. Most of the information in the PE Header is accessible, as well as all the sections, section's information and data.

pefile requires some basic understanding of the layout of a PE file. Armed with it it's possible to explore nearly every single feature of the file.

Some of the tasks that pefile makes possible are:

Modifying and writing back to the PE image
Header Inspection
Sections analysis
Retrieving data
Warnings for suspicious and malformed values
Packer detection with PEiD's signatures
PEiD signature generation

A tool to investigate an ext3 file system for deleted content and possibly recover it.

Also see http://www.xs4all.nl/~carlo17/howto/undelete_ext3.html

Open2300 is a package for communicating with Lacrosse Weather Stations.
All of the executables are commandline only.
It supports serial and usb connections.
This package has not been released in several years.
This source code was pulled from svn March, 2009

Library for Apple XML plist, JSON, and Coda-C OOP.

This project was created for package test-image-live-disk via attribute OBS:Maintained

This project was created for package test-image-live-disk via attribute OBS:Maintained

SullivanStrickler LLC is developing its own boot CD based on Opensuse.

Various additional packages are desired that are not in the base distribution.

AFF is an open and extensible file format designed to store disk images and associated metadata. afflib is library for support of the Advanced Forensic Format (AFF).

bulk_extractor is a C++ program that scans a disk image, a file, or a
directory of files and extracts useful information without parsing the
file system or file system structures. The results are stored in feature
files that can be easily inspected, parsed, or processed with automated
tools. bulk_extractor also created a histograms of features that it finds,
as features that are more common tend to be more important.

libewf is a library for support of the Expert Witness Compression Format (EWF). libewf allows you to read media information of EWF files in the SMART (EWF-S01)format and the EnCase (EWF-E01) format. libewf allows to read files created by EnCase 1 to 6, linen and FTK Imager

mac-robber is a digital forensics and incident response tool that can be used
with The Sleuth Kit to create a timeline of file activity for mounted
file systems.

NTFS-3G allows for read/write access to NTFS partitions which can be
shared with Windows XP, Windows Server 2003, Windows 2000, Windows
Vista and Windows Seven.

This module exports one subroutine: 'Hexify'.

'Hexify' formats arbitrary (possible binary) data into a format suitable
for hex dumps in the style of 'xd' or 'hexl'.

The first, or only, argument to 'Hexify' contains the data, or a reference
to the data, to be hexified. Hexify will return a string that prints as
follows:

0000: 70 61 63 6b 61 67 65 20 44 61 74 61 3a 3a 48 65 package Data::He
0010: 78 69 66 79 3b 0a 0a 75 73 65 20 35 2e 30 30 36 xify;..use 5.006

and so on. At the left is the (hexadecimal) index of the data, then a
number of hex bytes, followed by the chunk of data with unprintables
replaced by periods.

The optional second argument to 'Hexify' must be a hash or a hash
reference, containing values for any of the following parameters:

* first

The first byte of the data to be processed. Default is to start from the
beginning of the data.

* length

The number of bytes to be processed. Default is to proceed all data.

* chunk

The number of bytes to be processed per line of output. Default is 16.

* group

The number of bytes to be grouped together. Default is 1 (no grouping).
If used, it must be a divisor of the chunk size.

* duplicates

When set, duplicate lines of output are suppressed and replaced by a
single line reading '**SAME**'.

Duplicate suppression is enabled by default.

* showdata

A reference to a subroutine that is used to produce a printable string
from a chunk of data. By default, a subroutine is used that replaces
unwanted bytes by periods.

The subroutine gets the chunk of data passed as argument, and should
return a printable string of at most 'chunksize' characters.

* align

Align the result to 'chunksize' bytes. This is relevant only when
processing data not from the beginning. For example, when 'first' is 10,
the result would become:

0000: ... 74 61 3a 3a 48 65 ta::He
0010: 78 69 66 79 3b ... 65 20 35 2e 30 30 36 xify;..use 5.006
... and so on ...

Alignment is on by default. Without alignment, the result would be:

000a: 74 61 3a 3a 48 ... 79 3b 0a 0a 75 73 65 ta::Hexify;..use
001a: 20 35 2e 30 30 ... 73 65 20 73 74 72 69 5.006;.use stri
... and so on ...

* start

Pretend that the data started at this byte (while in reality it starts at
byte 'first'). The above example, with 'start => 0', becomes:

0000: 74 61 3a 3a 48 ... 79 3b 0a 0a 75 73 65 ta::Hexify;..use
0010: 20 35 2e 30 30 ... 73 65 20 73 74 72 69 5.006;.use stri
... and so on ...

This is a module that can read the Mozilla URL history file -- normally
$HOME/.mozilla/default/*.slt/history.dat -- and extract the id, url, name,
hostname, first visted dat, last visited date and visit count.

To find your history file it might be worth using *Mozilla::Backup* which
has some platform-independent code for finding the profiles of various
Mozilla-isms (including Firefox, Camino, K-Meleon, etc.).

ExifTool provides an extensible set of perl modules to read and write meta
information in a wide variety of files, including the maker note
information of many digital cameras by various manufacturers such as Canon,
Casio, FujiFilm, HP, JVC/Victor, Kodak, Leaf, Minolta/Konica-Minolta,
Nikon, Olympus/Epson, Panasonic/Leica, Pentax/Asahi, Ricoh, Samsung, Sanyo,
Sigma/Foveon and Sony.

Below is a list of file types and meta information formats currently
supported by ExifTool (r = read, w = write, c = create):

File Types
------------+-------------+-------------+-------------+------------
3FR r | DVB r | M2TS r | PAGES r | RW2 r/w
3G2 r | DYLIB r | M4A/V r | PBM r/w | RWL r/w
3GP r | EIP r | MEF r/w | PDF r/w | RWZ r
ACR r | EPS r/w | MIE r/w/c | PEF r/w | RM r
AFM r | ERF r/w | MIFF r | PFA r | SO r
AI r/w | EXE r | MKA r | PFB r | SR2 r/w
AIFF r | EXIF r/w/c | MKS r | PFM r | SRF r
APE r | F4A/V r | MKV r | PGM r/w | SRW r/w
ARW r/w | FLA r | MNG r/w | PICT r | SVG r
ASF r | FLAC r | MOS r/w | PMP r | SWF r
AVI r | FLV r | MOV r | PNG r/w | THM r/w
BMP r | FPX r | MP3 r | PPM r/w | TIFF r/w
BTF r | GIF r/w | MP4 r | PPT r | TTC r
COS r | GZ r | MPC r | PPTX r | TTF r
CR2 r/w | HDP r/w | MPG r | PS r/w | VRD r/w/c
CRW r/w | HTML r | MPO r/w | PSB r/w | WAV r
CS1 r/w | ICC r/w/c | MQV r | PSD r/w | WDP r/w
DCM r | IIQ r | MRW r/w | PSP r | WEBP r
DCP r/w | IND r/w | NEF r/w | QTIF r | WEBM r
DCR r | ITC r | NRW r/w | RA r | WMA r
DFONT r | JNG r/w | NUMBERS r | RAF r/w | WMV r
DIVX r | JP2 r/w | ODP r | RAM r | X3F r/w
DJVU r | JPEG r/w | ODS r | RAR r | XCF r
DLL r | K25 r | ODT r | RAW r/w | XLS r
DNG r/w | KDC r | OGG r | RIFF r | XLSX r
DOC r | KEY r | ORF r/w | RSRC r | XMP r/w/c
DOCX r | LNK r | OTF r | RTF r | ZIP r

Meta Information
----------------------+----------------------+---------------------
EXIF r/w/c | Kodak Meta r/w | Picture Info r
GPS r/w/c | FotoStation r/w | Adobe APP14 r
IPTC r/w/c | PhotoMechanic r/w | MPF r
XMP r/w/c | JPEG 2000 r | Stim r
MakerNotes r/w/c | DICOM r | APE r
Photoshop IRB r/w/c | Flash r | Vorbis r
ICC Profile r/w/c | FlashPix r | SPIFF r
MIE r/w/c | QuickTime r | DjVu r
JFIF r/w/c | Matroska r | M2TS r
Ducky APP12 r/w/c | GeoTIFF r | PE/COFF r
PDF r/w/c | PrintIM r | AVCHD r
CIFF r/w | ID3 r | ZIP r
AFCP r/w | Ricoh RMETA r | (and more)

This module is a low-level interface to the Mac OS X Property List (plist)
format. You probably shouldn't use this in applications--build interfaces
on top of this so you don't have to put all the heinous multi-level object
stuff where people have to look at it.

You can parse a plist file and get back a data structure. You can take that
data structure and get back the plist as XML. If you want to change the
structure inbetween that's your business. :)

You don't need to be on Mac OS X to use this. It simply parses and
manipulates a text format that Mac OS X uses.

Parse::Win32Registry is a module for parsing Windows Registry files,
allowing you to read the keys and values of a registry file without going
through the Windows API.

It provides an object-oriented interface to the keys and values in a
registry file. Registry files are structured as trees of keys, with each
key containing further subkeys or values.

The module is intended to be cross-platform, and run on those platforms
where Perl will run.

It supports both Windows NT registry files (Windows NT, 2000, XP, 2003,
Vista, 7) and Windows 95 registry files (Windows 95, 98, Millennium
Edition).

It is intended to be used to parse offline registry files. If a registry
file is currently in use, you will not be able to open it. However, you can
save part or all of a currently loaded registry file using the Windows reg
command if you have the appropriate administrative access.