
DEFT Linux

Revision as of 15:08, 12 January 2007 by Stefano.fratepietro

DEFT Linux
Maintainer: Stefano Fratepietro
OS: Linux
Genre: Live CD
License: GPL, others
Website: [1]

DEFT is a Live CD built on top of Kubuntu with the best tools for computer forensics and incident response.

Tools included

DEFT computer and network forensic package list:

- sleuthkit, collection of UNIX-based command line tools that allow you to investigate a computer
- autopsy, graphical interface to the command line digital investigation tools in The Sleuth Kit
- afflib, Advanced Forensic Format library
- gpart, tool which tries to guess the primary partition table of a PC-type hard disk
- dd rescue, copy data from one file or block device to another
- foremost, console program to recover files based on their headers, footers, and internal data structures
- hexdump, combined hex and ASCII dump of any file
- khexedit, a versatile and customizable hex editor
- stegdetect, steganography detection software
- ophcrack, Windows password recovery
- wireshark, network sniffer
- ettercap, network sniffer
- nessus, vulnerability and security scanner
- nmap, the best network scanner
- airsnort, wireless LAN (WLAN) tool which recovers encryption keys
- kismet, sniffer and intrusion detection system that works with any wireless card
- dmraid, discover software RAID devices
- vinetto, tool to examine Thumbs.db files
- trID, tool to identify file types from their binary signatures

DEFT utility package list:

- Linux kernel 2.6.17
- KDE 3.5.5
- k3b
- samba client
- OpenSSH client & server

and much more...

External Links