Difference between revisions of "DEFT Linux"

From ForensicsWiki
Line 14: Line 14:
 
'''Deft computer and network forensic packages list:'''
 
'''Deft computer and network forensic packages list:'''
  
    * sleuthkit, collection of UNIX-based command line tools that allow you to investigate a computer
+
: - sleuthkit, collection of UNIX-based command line tools that allow you to investigate a computer
    * autopsy, graphical interface to the command line digital investigation tools in The Sleuth Kit
+
: - autopsy, graphical interface to the command line digital investigation tools in The Sleuth Kit
    * aff lib, advanced forensic format
+
: - aff lib, advanced forensic format
    * gpart, tool which tries to guess the primary partition table of a PC-type hard disk
+
: - gpart, tool which tries to guess the primary partition table of a PC-type hard disk
    * dd rescue, copy data from one file or block device to another
+
: - dd rescue, copy data from one file or block device to another
    * foremost, console program to recover files based on their headers, footers, and internal data structures
+
: - foremost, console program to recover files based on their headers, footers, and internal data structures
    * hex dump, combined hex and ascii dump of any file
+
: - hex dump, combined hex and ascii dump of any file
    * khex edit, a versatile and customizable hex editor
+
: - khex edit, a versatile and customizable hex editor
    * steg detect, a steganography detection software
+
: - steg detect, a steganography detection software
    * ophcrack, Windows password recovery
+
: - ophcrack, Windows password recovery
    * wireshark, network sniffer
+
: - wireshark, network sniffer
    * ettercap, network sniffer
+
: - ettercap, network sniffer
    * nessus, vulnerability and security scanner
+
: - nessus, vulnerability and security scanner
    * nmap, the best network scanner
+
: - nmap, the best network scanner
    * airsnort, wireless LAN (WLAN) tool which recovers encryption keys
+
: - airsnort, wireless LAN (WLAN) tool which recovers encryption keys
    * kismet, sniffer and intrusion detection system that work with any wireless card
+
: - kismet, sniffer and intrusion detection system that work with any wireless card
    * dmraid, discover software RAID devices
+
: - dmraid, discover software RAID devices
    * vinetto, tool to examine Thumbs.db files
+
: - vinetto, tool to examine Thumbs.db files
    * TrID, tool to identify file types from their binary signatures
+
: - TrID, tool to identify file types from their binary signatures
  
 
'''Deft utility package list:'''
 
'''Deft utility package list:'''
  
    * Linux Kernel 2.6.17
+
: - linux Kernel 2.6.17
    * KDE 3.5.5
+
: - lkDE 3.5.5
    * K3b
+
: - k3b
    * Samba client
+
: - samba client
    * Open SSH client & server
+
: - open SSH client & server
 +
 
  
 
and mutch more...
 
and mutch more...
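
Review bot: the new utility-list line ": - lkDE 3.5.5" is a typo for the "KDE 3.5.5" it replaces, so the revision now names a package that does not exist. The same conversion from "*" items to ": -" items also lowercases proper names that the old lines had right ("Linux Kernel" to "linux Kernel", "K3b" to "k3b", "Samba client" to "samba client", "Open SSH" to "open SSH"). Suggest restoring the original capitalisation so the change is purely a list-markup change, and fixing "mutch" in the unchanged "and mutch more..." context line in the same edit.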

Revision as of 09:58, 12 January 2007

DEFT Linux
Maintainer: dr. Stefano Fratepietro
OS: Linux
Genre: Live CD
License: GPL, others
Website: [1]

DEFT is a Live CD built on top of Kubuntu with the best tools for computer forensics and incident response.

Tools included

Deft computer and network forensic packages list:

- sleuthkit, collection of UNIX-based command line tools that allow you to investigate a computer
- autopsy, graphical interface to the command line digital investigation tools in The Sleuth Kit
- aff lib, advanced forensic format
- gpart, tool which tries to guess the primary partition table of a PC-type hard disk
- dd rescue, copy data from one file or block device to another
- foremost, console program to recover files based on their headers, footers, and internal data structures
- hex dump, combined hex and ascii dump of any file
- khex edit, a versatile and customizable hex editor
- steg detect, steganography detection software
- ophcrack, Windows password recovery
- wireshark, network sniffer
- ettercap, network sniffer
- nessus, vulnerability and security scanner
- nmap, the best network scanner
- airsnort, wireless LAN (WLAN) tool which recovers encryption keys
- kismet, sniffer and intrusion detection system that works with any wireless card
- dmraid, discover software RAID devices
- vinetto, tool to examine Thumbs.db files
- TrID, tool to identify file types from their binary signatures

Deft utility package list:

- Linux kernel 2.6.17
- KDE 3.5.5
- K3b
- Samba client
- OpenSSH client & server


and much more...

External Links