Difference between revisions of "Helix3 Pro"
From Forensics Wiki
m (fixed) |
Joachim Metz (Talk | contribs) |
||
| Line 13: | Line 13: | ||
* Live side for [[Mac OS X]], [[Windows]] and [[Linux]] | * Live side for [[Mac OS X]], [[Windows]] and [[Linux]] | ||
| − | * A bootable forensically sound environment | + | * A bootable forensically sound environment based on [[Ubuntu]] |
Open source forensic tools include: | Open source forensic tools include: | ||
Latest revision as of 06:26, 28 July 2012
| Helix3 Pro | |
|---|---|
| Maintainer: | e-fense |
| OS: | Linux,Windows,Mac OS X |
| Genre: | Live CD |
| License: | GPL, others |
| Website: | e-fense.com |
Helix3 Pro is a Live CD built on top of Ubuntu. It focuses on incident response and computer forensics.
[edit] Tools Included
Open source forensic tools include:
- dc3dd
- aimage
- The Sleuth Kit (3.0.1, with "light" version of Autopsy, with libewf support)
- foremost
- Volatility
- Several tools for mobile phone forensics
Other tools include:
[edit] Forensic Issues
- Helix3 Pro can automount some storage devices like firewire devices and MMC in read/write mode;
- Helix3 Pro relies on file system drivers to provide write protection, mounting some file system types (e.g. XFS) will result in several data writes to the original media.
[edit] See Also
Free version: Helix3
