Difference between revisions of "DEFT Linux 2"

From ForensicsWiki
Line 5: Line 5:
 
   genre = {{Live CD}} |
 
   genre = {{Live CD}} |
 
   license = {{GPL}}, others |
 
   license = {{GPL}}, others |
   website = [http://www.stevelab.net/deft] |
+
   website = [http://www.deftlinux.net/] |
 
}}
 
}}
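Review bot: the new `website = [http://www.deftlinux.net/] |` line keeps the bare bracketed external link, which MediaWiki renders as a numbered "[1]" in the infobox instead of a readable address. Give the link a label, for example `[http://www.deftlinux.net/ deftlinux.net]`, or drop the brackets so the URL itself is displayed.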
  
Line 20: Line 20:
 
: - dd rescue, copy data from one file or block device to another
 
: - dd rescue, copy data from one file or block device to another
 
: - [[foremost]], console program to recover files based on their headers, footers, and internal data structures
 
: - [[foremost]], console program to recover files based on their headers, footers, and internal data structures
: - hex dump, combined hex and ascii dump of any file
+
: - hexdump, combined hex and ascii dump of any file
: - khex edit, a versatile and customizable hex editor
+
: - khexedit, a versatile and customizable hex editor
: - steg detect, a steganography detection software
+
: - stegdetect, a steganography detection software
 
: - outguess, a stegano tool
 
: - outguess, a stegano tool
 
: - ophcrack, Windows password recovery
 
: - ophcrack, Windows password recovery
: - wireshark, network sniffer
+
: - [[wireshark]], network sniffer
 
: - ettercap, network sniffer
 
: - ettercap, network sniffer
 
: - nessus, vulnerability and security scanner (client)
 
: - nessus, vulnerability and security scanner (client)
 
: - nessusd, vulnerability and security scanner (server)
 
: - nessusd, vulnerability and security scanner (server)
: - nmap, the best network scanner
+
: - [[nmap]], the best network scanner
 
: - airsnort, wireless LAN (WLAN) tool which recovers encryption keys
 
: - airsnort, wireless LAN (WLAN) tool which recovers encryption keys
: - kismet, sniffer and intrusion detection system that work with any wireless card
+
: - [[kismet]], sniffer and intrusion detection system that work with any wireless card
 
: - dmraid, discover software RAID devices
 
: - dmraid, discover software RAID devices
: - testdisk, tool to recover damaged partitions
+
: - [[testdisk]], tool to recover damaged partitions
 
: - qtparted, a Partition Magic clone written in C++ using the Qt toolkit
 
: - qtparted, a Partition Magic clone written in C++ using the Qt toolkit
: - vinetto, tool to examine Thumbs.db files
+
: - [[vinetto]], tool to examine Thumbs.db files
 
: - trID, tool to identify file types from their binary signatures
 
: - trID, tool to identify file types from their binary signatures
: - readpst, a tools to read ms-Outlook pst files
+
: - [[libpst | readpst]], a tools to read ms-Outlook pst files
 
: - john, john the ripper password cracker
 
: - john, john the ripper password cracker
: - clam, anti virus
+
: - clam, antivirus
 
+
  
 
'''Deft v2 utility package list:'''
 
'''Deft v2 utility package list:'''
  
: - linux Kernel 2.6.20
+
: - Linux Kernel 2.6.20
: - lkDE 3.5.6
+
: - KDE 3.5.6
 
: - k3b
 
: - k3b
 
: - krdc
 
: - krdc
 
: - rdesktop
 
: - rdesktop
 
: - [[VMware]] client
 
: - [[VMware]] client
: - samba client
+
: - Samba client
: - open SSH client & server
+
: - OpenSSH client & server
 
: - speedcrunch
 
: - speedcrunch
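Review bot: this typo pass leaves two grammar errors in lines it touches. `[[libpst | readpst]], a tools to read ms-Outlook pst files` should read "a tool", and the kismet line still says "that work with any wireless card" where "that works" is meant. Fix both in the same edit. The lone added blank line before `'''Deft v2 utility package list:'''` is fine if it was meant to separate the two lists.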

Revision as of 17:07, 13 December 2008

DEFT v2 Linux
Maintainer: Stefano Fratepietro
OS: Linux
Genre: Live CD
License: GPL, others
Website: http://www.deftlinux.net/

DEFT v2 is a Live CD built on top of Kubuntu 7.04 with the best tools for computer forensics and incident response.

Tools included

Deft v2 computer and network forensic packages list:

- Sleuthkit, collection of UNIX-based command line tools that allow you to investigate a computer
- Autopsy, graphical interface to the command line digital investigation tools in The Sleuth Kit
- AFF lib, advanced forensic format
- gpart, tool which tries to guess the primary partition table of a PC-type hard disk
- dd rescue, copy data from one file or block device to another
- foremost, console program to recover files based on their headers, footers, and internal data structures
- hexdump, combined hex and ASCII dump of any file
- khexedit, a versatile and customizable hex editor
- stegdetect, steganography detection software
- outguess, a steganography tool
- ophcrack, Windows password recovery
- wireshark, network sniffer
- ettercap, network sniffer
- nessus, vulnerability and security scanner (client)
- nessusd, vulnerability and security scanner (server)
- nmap, the best network scanner
- airsnort, wireless LAN (WLAN) tool which recovers encryption keys
- kismet, sniffer and intrusion detection system that works with any wireless card
- dmraid, discover software RAID devices
- testdisk, tool to recover damaged partitions
- qtparted, a Partition Magic clone written in C++ using the Qt toolkit
- vinetto, tool to examine Thumbs.db files
- trID, tool to identify file types from their binary signatures
- readpst, a tool to read MS Outlook PST files
- john, John the Ripper password cracker
- clam, antivirus

Deft v2 utility package list:

- Linux Kernel 2.6.20
- KDE 3.5.6
- k3b
- krdc
- rdesktop
- VMware client
- Samba client
- OpenSSH client & server
- speedcrunch