'''Helix''' is a [[live cd]] built on top of [[Knoppix]]. It focuses on [[incident response]] and [[computer forensics]].
==File Systems Understood==
==File Search Facilities==
==Historical Reconstruction==
Can it build timelines and search by creation date?
==Searching Abilities==
Can it search? Does it build an index? Can it focus on file types or particular kinds of metadata?
==Hash Databases==
Can it create hashes of files and/or blocks? Can it compare these hash values to any databases?
What sort of hash functions does it use?
==Evidence Collection Features==
Can it sign files? Does it keep an audit log?
Originally written in (YEAR), it has now developed into a Forensic Edition and an Enterprise Edition.
==License Notes==
""''Helix is based off of the original Knoppix distribution and retains all of the original licenses from that distribution. All additions that I have made are covered under GPL or by the licenses of the prospective authors.''" -- [http://www.e-fense.com/helix/faq.php Helix FAQ].
= External Links =
* [http://www.e-fense.com/helix/ Official website]
Latest revision as of 06:31, 8 August 2013