install-dfir.sh

1. #!/bin/bash
2. # Simple little script to load DFIR tools into Ubuntu 14.10
3. # by Dr. Phil Polstra @ppolstra
4.  
5. # create repositories
6. echo "deb http://ppa.launchpad.net/sift/stable/ubuntu trusty main" \
7. > /etc/apt/sources.list.d/sift-ubuntu-stable-utopic.list
8. echo "deb http://ppa.launchpad.net/tualatrix/ppa/ubuntu trusty main" \
9. > /etc/apt/sources.list.d/tualatrix-ubuntu-ppa-utopic.list
10.  
11. #list of packages
12. pkglist="aeskeyfind
13. afflib-tools
14. afterglow
15. aircrack-ng
16. arp-scan
17. autopsy
18. binplist
19. bitpim
20. bitpim-lib
21. bless
22. blt
23. build-essential
24. bulk-extractor
25. cabextract
26. clamav
27. cryptsetup
28. dc3dd
29. dconf-tools
30. dumbpig
31. e2fslibs-dev
32. ent
33. epic5
34. etherape
35. exif
36. extundelete
37. f-spot
38. fdupes
39. flare
40. flasm
41. flex
42. foremost
43. g++
44. gcc
45. gdb
46. ghex
47. gthumb
48. graphviz
49. hexedit
50. htop
51. hydra
52. hydra-gtk
53. ipython
54. kdiff3
55. kpartx
56. libafflib0
57. libafflib-dev
58. libbde
59. libbde-tools
60. libesedb
61. libesedb-tools
62. libevt
63. libevt-tools
64. libevtx
65. libevtx-tools
66. libewf
67. libewf-dev
68. libewf-python
69. libewf-tools
70. libfuse-dev
71. libfvde
72. libfvde-tools
73. liblightgrep
74. libmsiecf
75. libnet1
76. libolecf
77. libparse-win32registry-perl
78. libregf
79. libregf-dev
80. libregf-python
81. libregf-tools
82. libssl-dev
83. libtext-csv-perl
84. libvshadow
85. libvshadow-dev
86. libvshadow-python
87. libvshadow-tools
88. libxml2-dev
89. maltegoce
90. md5deep
91. nbd-client
92. netcat
93. netpbm
94. nfdump
95. ngrep
96. ntopng
97. okular
98. openjdk-6-jdk
99. p7zip-full
100. phonon
101. pv
102. pyew
103. python
104. python-dev
105. python-pip
106. python-flowgrep
107. python-nids
108. python-ntdsxtract
109. python-pefile
110. python-plaso
111. python-qt4
112. python-tk
113. python-volatility
114. pytsk3
115. rsakeyfind
116. safecopy
117. sleuthkit
118. ssdeep
119. ssldump
120. stunnel4
121. tcl
122. tcpflow
123. tcpstat
124. tcptrace
125. tofrodos
126. torsocks
127. transmission
128. unrar
129. upx-ucl
130. vbindiff
131. virtuoso-minimal
132. winbind
133. wine
134. wireshark
135. xmount
136. zenity
137. regripper
138. cmospwd
139. ophcrack
140. ophcrack-cli
141. bkhive
142. samdump2
143. cryptcat
144. outguess
145. bcrypt
146. ccrypt
147. readpst
148. ettercap-graphical
149. driftnet
150. tcpreplay
151. tcpxtract
152. tcptrack
153. p0f
154. netwox
155. lft
156. netsed
157. socat
158. knocker
159. nikto
160. nbtscan
161. radare-gtk
162. python-yara
163. gzrt
164. testdisk
165. scalpel
166. qemu
167. qemu-utils
168. gddrescue
169. dcfldd
170. vmfs-tools
171. mantaray
172. python-fuse
173. samba
174. open-iscsi
175. curl
176. git
177. system-config-samba
178. libpff
179. libpff-dev
180. libpff-tools
181. libpff-python
182. xfsprogs
183. gawk
184. exfat-fuse
185. exfat-utils
186. xpdf
187. feh
188. pyew
189. radare
190. radare2
191. pev
192. tcpick
193. pdftk
194. sslsniff
195. dsniff
196. rar
197. xdot
198. ubuntu-tweak
199. vim"
200.  
201.  
202.  
203. #actually install
204. # first update
205. apt-get update
206.  
207. for pkg in ${pkglist}
208. do
209. if (dpkg --list | awk '{print $2}' | egrep "^${pkg}$" 2>/dev/null) ;
210. then
211. echo "yeah ${pkg} already installed"
212. else
213. # try to install
214. echo -n "Trying to install ${pkg}..."
215. if (apt-get -y install ${pkg} 2>/dev/null) ; then
216. echo "+++Succeeded+++"
217. else
218. echo "----FAILED----"
219. fi
220. fi
221. done