Install forensics-all by entering the following commands in the terminal:
sudo apt update sudo apt install forensics-all
Description:
Debian Forensics Environment - essential components (metapackage)
This package provides the core components for a forensics environment. All here available tools are packaged by Debian Forensics Team. This metapackage includes the most programs to data recovery, rootkit and exploit search, filesystems and memory analysis, image acquisition, volume inspection, special actions over the hardware and many other activities. . The following packages were included in this metapackage: . aesfix, aeskeyfind, afflib-tools, bruteforce-salted-openssl, cewl, chaosreader, crack or crack-md5, dc3dd, dislocker, ed2k-hash, ewf-tools, exifprobe, ext3grep, ext4magic, extundelete, fcrackzip, forensics-colorize, galleta, gpart, grokevt, guymager, hashdeep, hashrat, mac-robber, magicrescue, memdump, metacam, missidentify, myrescue, nasty, pasco, pff-tools, pipebench, plaso, pompem, recoverdm, recoverjpeg, reglookup, rekall-core, rephrase, rifiuti, rifiuti2, rkhunter, rsakeyfind, safecopy, scalpel, scrounge-ntfs, shed, sleuthkit, ssdeep, steghide, tableau-parm, undbx, unhide, unhide.rb, vinetto, volatility, volatility-tools, winregfs, wipe, yara. . This package is useful for pentesters, ethical hackers and forensics experts.
Version: 1.7
Section: universe/metapackages