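#!/bin/bash
#
# Ratmenu launcher for the "forensic" tool category.
#
# Every menu entry opens a urxvt terminal, runs the listed tool invocation
# (usually its help/usage output) and then leaves an interactive zsh open in
# that terminal.
#
# Requires: ~/.tools/ratmenu, urxvt, bash, zsh.
# Optional: ~/.colors defining COLOR11 (foreground) and COLOR0 (background).

# ~/.colors is executed as shell code in this process, so it must stay owned
# by and writable only for the current user.
if [[ -r ~/.colors ]]; then
  # shellcheck source=/dev/null
  source ~/.colors
else
  printf '%s: ~/.colors not readable, using ratmenu default colours\n' \
    "${0##*/}" >&2
fi

# One entry per menu item: the command line to run. The menu label is the
# first word of the entry. Entries with no flag run the tool bare.
#
# Keep these static literals: each string is embedded in single quotes inside
# a command that a shell parses again when the item is launched, so an entry
# must never contain a single quote or come from untrusted input.
tool_cmds=(
  'aesfix'
  'aeskeyfind -h'
  'affcat'
  'affcompare'
  'affconvert'
  'affcopy'
  'affcrypto'
  'affdiskprint'
  'affinfo'
  'affix'
  'affrecover'
  'affsegment'
  'affsign'
  'affstats'
  'affuse'
  'affverify'
  'affxml'
  'aimage -h'
  'air'
  'air-counter'
  'tailer --help'
  'androick'
  'autopsy -h'
  'pxedump -h'
  'usbdump -h'
  'bmaptool -h'
  'BEViewer -h'
  'BEViewer.jar'
  'bulk_extractor'
  'plugin_test'
  'canari -h'
  'dispatcher -h'
  'pysudo -h'
  'captipper'
  'casefile --help'
  'maltego -h'
  # NOTE(review): maltego.ico and the *.bat / *.cmd entries further down look
  # like leftovers from a generated package file list rather than runnable
  # tools on this platform. Kept as-is; confirm and prune.
  'maltego.ico'
  'chaosmap'
  'chkrootkit -h'
  'chntpw -h'
  'cpnt'
  'reged'
  'chromefreak -h'
  'dc3dd --help'
  'dcfldd --help'
  'ddrescue --help'
  'ddrescuelog --help'
  'dumpzilla -h'
  'dbxparse -h'
  'exiv2 -h'
  'metacopy -h'
  'path-test'
  'extundelete -h'
  'foremost -h'
  'fs-nyarl -h'
  'chaosreader0.94'
  'galleta'
  'grokevt-addlog'
  'grokevt-builddb'
  'grokevt-dumpmsgs'
  'grokevt-findlogs'
  'grokevt-parselog'
  'guymager'
  'haystack -h'
  'haystack-dump -h'
  'haystack-gui'
  'haystack-reverse -h'
  'INDXParse.py'
  'MFTINDX.py'
  'MFTView.py'
  'SDS_get_index.py'
  'extract_mft_record_slack.py'
  'fuse-mft.py'
  'get_file_info.py'
  'list_mft.py'
  'tree_mft.py'
  'interrogate -h'
  'iosforensic -h'
  'ipba2'
  'iphoneanalyzer -h'
  'mac-robber -h'
  'dupemap'
  'magicrescue'
  'magicsort'
  'make-pdf-javascript'
  'malheur -h'
  'ant'
  'ant.bat'
  'ant.cmd'
  'antRun'
  'antRun.bat'
  'antRun.pl'
  'antenv.cmd'
  'complete-ant-cmd.pl'
  'envset.cmd'
  'lcp.bat'
  'runant.pl'
  'runant.py'
  'runrc.cmd'
  'malwaredetect'
  'mboxgrep'
  'hashdeep -h'
  'md5deep -h'
  'sha1deep -h'
  'sha256deep -h'
  'tigerdeep -h'
  'whirlpooldeep -h'
  'gmdb2'
  'mdb-array'
  'mdb-export'
  'mdb-header'
  'mdb-hexdump'
  'mdb-parsecsv'
  'mdb-prop'
  'mdb-schema'
  'mdb-sql'
  'mdb-tables'
  'mdb-ver'
  'memdump_kernel -h'
  'memfetch'
  'mobius'
  'mp3nema -h'
  'ms-sys -h'
  'nfex -h'
  'ezhexviewer'
  'olebrowse'
  'oleid -h'
  'olemeta -h'
  'oletimes'
  'olevba'
  'pyxswf'
  'rtfobj'
  'pasco'
  'pdf-parser'
  'pdfbook-analyzer -h'
  'pdfid'
  'pdfresurrect -h'
  'peepdf -h'
  'ofs2rva'
  'pedis'
  'pehash'
  'pepack'
  'pescan'
  'pesec'
  'pestr'
  'readpe'
  'rva2ofs'
  'recoverjpeg'
  'recovermov'
  'remove-duplicates'
  'sort-pictures'
  'reglookup'
  'reglookup-recover'
  'reglookup-timeline'
  'replayproxy -h'
  'rifiuti --help-all'
  'rifiuti-vista -h'
  'rkhunter -h'
  'rsakeyfind'
  'safecopy'
  'scalpel'
  'scrounge-ntfs -h'
  'skypefreak -h'
  'blkcalc'
  'blkcat'
  'blkls'
  'blkstat'
  'fcat'
  'ffind'
  'fiwalk'
  'fls -h'
  'fsstat'
  'hfind'
  'icat'
  'ifind'
  'ils'
  'img_cat'
  'img_stat -h'
  'istat'
  'jcat'
  'jls'
  'jpeg_extract'
  'mactime'
  'mmcat -h'
  'mmls'
  'mmstat'
  'sigfind'
  'sorter'
  'srch_strings'
  'tsk_comparedir'
  'tsk_gettimes'
  'tsk_loaddb'
  'tsk_recover'
  'snort -h'
  'u2boat'
  'u2spewfoo'
  'automater -h'
  'trid -h'
  'unhide -h'
  'unhide-linux'
  'unhide-posix'
  'unhide-tcp'
  'unhide_rb'
  'vinetto -h'
  'vol.py -h'
  'volatility -h'
  'wyd'
)

# Pass the colour options only when ~/.colors actually provided them, so an
# unset variable never reaches ratmenu as an empty colour name.
menu_opts=(-label "forensic" -style dreary)
if [[ -n "${COLOR11:-}" ]]; then
  menu_opts+=(-fg "$COLOR11")
fi
if [[ -n "${COLOR0:-}" ]]; then
  menu_opts+=(-bg "$COLOR0")
fi

# Expand each entry into the "label" "command" pair ratmenu expects.
# The tool and the shell are joined with ';' rather than '&&': a tool that
# prints its usage and exits non-zero (or is not installed) would otherwise
# close the terminal before anything can be read.
menu_items=()
for tool_cmd in "${tool_cmds[@]}"; do
  menu_items+=("${tool_cmd%% *}" "urxvt -e bash -c '${tool_cmd}; exec zsh'")
done

~/.tools/ratmenu "${menu_opts[@]}" "${menu_items[@]}"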