aeskeyfind - aeskeyfind - locate 128-bit and 256-bit AES keys in a captured memory image

Property Value
Distribution Fedora 29
Repository CERT Forensics Tools i386
Package filename aeskeyfind-1.0-4.fc29.i686.rpm
Package name aeskeyfind
Package version 1.0
Package release 4.fc29
Package architecture i686
Package type rpm
Category Applications/Forensics Tools
License GPL
Maintainer -
Download size 15.09 KB
Installed size 22.11 KB
This program illustrates automatic techniques for locating 128-bit and
256-bit AES keys in a captured memory image.
The program uses various algorithms and also performs a simple entropy
test to filter out blocks that are not keys. It counts the number of
repeated bytes and skips blocks that have too many repeats.
This method works even if several bits of the key schedule have been
corrupted due to memory decay.
This package is useful to several activities, as forensics investigations.


Package Version Architecture Repository
aeskeyfind-1.0-4.fc29.x86_64.rpm 1.0 x86_64 CERT Forensics Tools
aeskeyfind - - -


Name Value -
rtld(GNU_HASH) -


Name Value
aeskeyfind = 1.0-4.fc29
aeskeyfind(x86-32) = 1.0-4.fc29


Type URL
Binary Package aeskeyfind-1.0-4.fc29.i686.rpm
Source Package aeskeyfind-1.0-4.fc29.src.rpm

Install Howto

  1. Download cert-forensics-tools-release-29 rpm:
  2. Install cert-forensics-tools-release-29 rpm:
    # rpm -Uvh cert-forensics-tools-release*rpm
  3. Install aeskeyfind rpm package:
    # dnf --enablerepo=forensics install aeskeyfind



See Also

Package Description
analysis-pipeline-5.11.3-1.fc29.i686.rpm Stream analysis of SiLK records
analyzeMFT- analyzeMFT
apfs-fuse-20190723-1.fc29.i686.rpm A read-only FUSE driver for the new Apple File System
artifacts-data-20190320-2.fc29.i686.rpm Data files for Summary: Artifact Repository
ataraw-0.2.1-1.fc29.i686.rpm Linux user-level ATA raw command utility
autopsy-4.12.0-1.fc29.i686.rpm Autopsy Forensic Browser
binplist-0.1.5-1.fc29.i686.rpm Binary property list (plist) parser module written in python
bro-2.6.3-0.fc29.i686.rpm Bro is a powerful framework for network analysis and security monitoring
bro-core-2.6.3-0.fc29.i686.rpm The core bro installation without broctl
bro-devel-2.6.3-0.fc29.i686.rpm Development files for Bro
bro-libcaf-devel-2.6.3-0.fc29.i686.rpm C++ actor framework development files
broctl-2.6.3-0.fc29.i686.rpm Bro Control
cert-forensics-tools-release-29-14.noarch.rpm CERT Forensics Tools Freeword Respository Configuration
coreutilsshim-1.0-1.fc29.noarch.rpm coreutilsshim - this package provides the dependencies needed several packages that are not provided by coreutils in Fedora 29
crunch-3.6-1.fc29.i686.rpm Crunch - Generate wordlists from a character set