Difference between revisions of "Helix3 Pro"
From Forensics Wiki
m (fixed) |
Joachim Metz (Talk | contribs) |
||
| Line 13: | Line 13: | ||
* Live side for [[Mac OS X]], [[Windows]] and [[Linux]] | * Live side for [[Mac OS X]], [[Windows]] and [[Linux]] | ||
| − | * A bootable forensically sound environment | + | * A bootable forensically sound environment based on [[Ubuntu]] |
Open source forensic tools include: | Open source forensic tools include: | ||
Latest revision as of 06:26, 28 July 2012
| Helix3 Pro | |
|---|---|
| Maintainer: | e-fense |
| OS: | Linux,Windows,Mac OS X |
| Genre: | Live CD |
| License: | GPL, others |
| Website: | e-fense.com |
Helix3 Pro is a Live CD built on top of Ubuntu. It focuses on incident response and computer forensics.
Tools Included
Open source forensic tools include:
- dc3dd
- aimage
- The Sleuth Kit (3.0.1, with "light" version of Autopsy, with libewf support)
- foremost
- Volatility
- Several tools for mobile phone forensics
Other tools include:
Forensic Issues
- Helix3 Pro can automount some storage devices like firewire devices and MMC in read/write mode;
- Helix3 Pro relies on file system drivers to provide write protection, mounting some file system types (e.g. XFS) will result in several data writes to the original media.
See Also
Free version: Helix3
