DEFT Linux

From ForensicsWiki
Revision as of 09:53, 12 January 2007 by Stefano.fratepietro (Talk | contribs)

Jump to: navigation, search
DEFT Linux
Maintainer: dr. Stefano Fratepietro
OS: Linux
Genre: Live CD
License: GPL, others
Website: [1]

DEFTis a Live CD built on top of Kubuntu with the best tools for Computer Forensic and incident response.

Tools included

Deft computer and network forensic packages list:

   * sleuthkit, collection of UNIX-based command line tools that allow you to investigate a computer
   * autopsy, graphical interface to the command line digital investigation tools in The Sleuth Kit
   * aff lib, advanced forensic format
   * gpart, tool which tries to guess the primary partition table of a PC-type hard disk
   * dd rescue, copy data from one file or block device to another
   * foremost, console program to recover files based on their headers, footers, and internal data structures
   * hex dump, combined hex and ascii dump of any file
   * khex edit, a versatile and customizable hex editor
   * steg detect, a steganography detection software
   * ophcrack, Windows password recovery
   * wireshark, network sniffer
   * ettercap, network sniffer
   * nessus, vulnerability and security scanner
   * nmap, the best network scanner
   * airsnort, wireless LAN (WLAN) tool which recovers encryption keys
   * kismet, sniffer and intrusion detection system that work with any wireless card
   * dmraid, discover software RAID devices
   * vinetto, tool to examine Thumbs.db files
   * TrID, tool to identify file types from their binary signatures

Deft utility package list:

   * Linux Kernel 2.6.17
   * KDE 3.5.5
   * K3b
   * Samba client
   * Open SSH client & server

and mutch more...

External Links