missidentify-1.0-1.fc29.i686.rpm


Advertisement

Description

missidentify - Find Win32 applications

Property Value
Distribution Fedora 29
Repository CERT Forensics Tools i386
Package filename missidentify-1.0-1.fc29.i686.rpm
Package name missidentify
Package version 1.0
Package release 1.fc29
Package architecture i686
Package type rpm
Category Applications/Forensics Tools
Homepage http://missidentify.sourceforge.net/
License GPL
Maintainer -
Download size 49.68 KB
Installed size 115.57 KB
Miss Identify is a program to find Win32 applications. In its default
mode it displays the filename of any executable that does not have
an executable extension (i.e. exe, dll, com, sys, cpl, hxs, hxi, olb,
rll, or tlb). The program can also be run to display all executables
encountered, regardless of the extension. This is handy when looking
for all of the executables on a drive. Other options allow the user to
record the strings found in an executable and to work recursively. See
the manual page for more information.
Sample output
Searching for mislabeled executables
C:\> missidentify *
C:\missidentify-1.0\sample.jpg
Searching for all executables
C:\> missidentify -a *
C:\missidentify-1.0\sample.jpg
C:\missidentify-1.0\missidentify.exe
Searching for all executables in an unusual place
C:\> missidentify -ar c:\windows\system32
...
C:\WINDOWS\System32\ntdll.dll
C:\WINDOWS\System32\ntoskrnl.exe
C:\WINDOWS\System32\NEVER-GONNA-CATCH-ME.EXE
C:\WINDOWS\System32\ntver.dll

Alternatives

Package Version Architecture Repository
missidentify-1.0-1.fc29.x86_64.rpm 1.0 x86_64 CERT Forensics Tools
missidentify - - -

Requires

Name Value
libc.so.6(GLIBC_2.4) -
rtld(GNU_HASH) -

Provides

Name Value
missidentify = 1.0-1.fc29
missidentify(x86-32) = 1.0-1.fc29

Download

Type URL
Mirror forensics.cert.org
Binary Package missidentify-1.0-1.fc29.i686.rpm
Source Package missidentify-1.0-1.fc29.src.rpm

Install Howto

  1. Download cert-forensics-tools-release-29 rpm:
    https://forensics.cert.org/cert-forensics-tools-release-29.rpm
  2. Install cert-forensics-tools-release-29 rpm:
    # rpm -Uvh cert-forensics-tools-release*rpm
  3. Install missidentify rpm package:
    # dnf --enablerepo=forensics install missidentify

Files

Path
/usr/bin/missidentify
/usr/lib/.build-id/
/usr/lib/.build-id/28/a4fd3d1cdce6c955237396cefed065cab78705
/usr/share/doc/missidentify/AUTHORS
/usr/share/doc/missidentify/COPYING
/usr/share/doc/missidentify/ChangeLog
/usr/share/doc/missidentify/INSTALL
/usr/share/doc/missidentify/NEWS
/usr/share/doc/missidentify/README
/usr/share/man/man1/missidentify.1.gz

See Also

Package Description
mount_ewf-20090113-2.fc29.noarch.rpm mount files in Expert Witness Format using loopback file system
nDPI-2.9.0-1.fc29.i686.rpm Open source deep packet inspection
nDPI-devel-2.9.0-1.fc29.i686.rpm Header files and libraries for developing applications for nDPI
netsa-python-1.5-1.fc29.i686.rpm Python routines and frameworks helpful when developing analyses using the SiLK toolkit
netsa-rayon-1.4.3-2.fc28.i686.rpm Python library and set of tools for generating basic two-dimensional statistical visualizations
netsa_silk-1.0-1.fc29.i686.rpm netsa_silk netsa-python PySiLK integration
opencore-amr-0.1.5-5.fc29.i686.rpm OpenCORE Adaptive Multi Rate Narrowband and Wideband speech lib
packetexaminer-0.9-4.fc29.i686.rpm PacketExaminer - Analyze PCAP files
pasco-1.0-1.fc29.i686.rpm Reconstruct IE internet activity
perl-File-Mork-0.4-1.fc29.noarch.rpm Module to read Mozilla URL history files
perl-Mac-PropertyList-1.412-1.fc29.noarch.rpm Work with Mac plists at a low level
perl-Parse-Evtx-1.1.1-2.fc29.noarch.rpm Windows Event Log Parser library
perl-Parse-Evtx-tools-1.1.1-2.fc29.noarch.rpm Tools for parsing Windows Events, written in perl
perl-Parse-Win32Registry-1.0-1.fc29.noarch.rpm Parse Windows Registry Files
plaso-20190708-1.fc29.i686.rpm plaso - Python based back-end engine used by tools such as log2timeline for automatic creation of a super timelines
Advertisement
Advertisement