Bug#987586: ITP: regripper -- perform forensic analysis of registry hives
Package: wnpp
Severity: wishlist
Owner: Jan Gru
X-Debbugs-Cc: debian-devel@lists.debian.org

* Package name    : regripper
  Version         : 3.0
  Upstream Author : Harlan Carvey
* URL             : https://github.com/keydet89/RegRipper3.0
* License         : MIT
  Programming Lang: Perl
  Description     : Regripper - perform forensic analysis of registry hives

Bcc: Jan Gru

Regripper is a popular tool to perform forensic analysis of Windows Registry files. It can be used to surgically extract, translate, and display information (both data and metadata) from Registry-formatted files via plugins in the form of Perl scripts.

** Why is this package relevant?

Regripper has an ancestral place in digital forensics and incident response with open source tools. Right now there are no other Debian packages providing similar functionality. It was developed by the renowned author Harlan Carvey [fn:1]. It provides the capability to parse and analyze offline Windows registry files, which house a lot of valuable information needed in DFIR work. Regripper is the go-to tool for performing open source DFIR work on Windows systems [fn:2]. There exist numerous guides dealing with the installation procedure of regripper on Linux systems [fn:3]. Therefore there is a need for a regripper package. I am using it myself on a regular basis to perform DFIR work.

** Maintenance plan

I want to suggest to maintain regripper inside the pkg-security-team's repository on salsa, where a lot of forensics packages live [fn:4]. I am looking for a sponsor for this package - ideally a member of the pkg-security-team.

** Footnotes

[fn:1] E.g. see https://www.sans.org/blog/book-review-windows-forensic-analysis/
[fn:2] And even giants like Autopsy rely on regripper for registry parsing, see https://www.sleuthkit.org/autopsy/features.php
[fn:3] See https://medium.com/@virtual_alloc/installing-regripper-v2-8-on-ubuntu-e30dfb41192c, https://blog.dfir.fi/tools/2020/02/19/install-regripper.html, https://thegreycorner.com/2010/04/25/running-regripper-on-linux.html to name a few
[fn:4] See https://salsa.debian.org/pkg-security-team/

Bug#987562: ITP: golang-github-google-go-intervals -- Functions for set operations on intervals, such as time ranges
Package: wnpp
Severity: wishlist
Owner: Reinhard Tartler

* Package name    : golang-github-google-go-intervals
  Version         : 0.0.2
  Upstream Author : Google
* URL             : https://github.com/google/go-intervals
* License         : Apache-2.0
  Programming Lang: Go
  Description     : Functions for set operations on intervals, such as time ranges.

go-intervals

go-intervals is a library for performing set operations on 1-dimensional intervals, such as time ranges.

I'm going to maintain this library under the pkg-go umbrella. It is a new dependency of github.com/containers/storage so that I don't have to vendor it there.

Bug#987559: ITP: plfit -- fitting power-law distributions to empirical data
Package: wnpp
Severity: wishlist
Owner: Jerome Benoit

* Package name    : plfit
  Version         : 0.8.2
  Upstream Author : Tamás Nepusz
* URL             : https://github.com/ntamas/plfit
* License         : GPL
  Programming Lang: C, Python
  Description     : fitting power-law distributions to empirical data

This program fits power-law distributions to empirical (discrete or continuous) data, according to the method of Clauset, Shalizi and Newman [SIAM Review 51, 661-703 (2009)].

This package is relevant in data analysis. It is actually part of the igraph C library as vendor software. igraph is a reputed suite of software to study networks. However, plfit is not limited to network study.

I am planning to maintain plfit on behalf of the Debian Science Maintainers team.

Bug#987544: RFP: envoyproxy -- high performance C++ distributed proxy designed for single services and applications
Package: wnpp
Severity: wishlist
Owner: Jelmer Vernooij
X-Debbugs-Cc: debian-devel@lists.debian.org

* Package name    : envoyproxy
  Version         : 1.18.2
  Upstream Author : Envoy Project Authors
* URL             : http://envoyproxy.io/
* License         : Apachev2
  Programming Lang: C++
  Description     : high performance C++ distributed proxy designed for single services and applications

Envoy is an L7 proxy and communication bus designed for large modern service oriented architectures. Envoy is a self contained process that is designed to run alongside every application server. All of the Envoys form a transparent communication mesh in which each application sends and receives messages to and from localhost and is unaware of the network topology.

I'm interested in helping out with packaging envoyproxy, but am not sure if I have the bandwidth to do so myself. I'm filing this RFP primarily as a way to track status.

See also https://www.envoyproxy.io/docs/envoy/latest/intro/what_is_envoy