ForensicsWiki will continue to operate as it has before and will not be shutting down. Thank you for your continued support of ForensicsWiki.

Helix3 Pro

From ForensicsWiki
Revision as of 16:22, 26 July 2009 by .FUF (Talk | contribs)

Jump to: navigation, search
Helix3 Pro
Maintainer: e-fense
OS: Linux,Windows,Mac OS X
Genre: Live CD
License: GPL, others

Helix3 Pro is a Live CD built on top of Ubuntu. It focuses on incident response and computer forensics.

Tools Included

  • Live side for Mac OS X, Windows and Linux
  • A bootable forensically sound environment (based on Ubuntu)

Open source forensic tools include:

Other tools include:

Helix3 Pro Forensic Issues

Helix3 Pro has several major forensic issues that forensic examiners should be aware of:

  • Helix recovers ext3 filesystems during the boot process;
  • Media in some card readers and firewire devices can be automounted in r/w mode;
  • Live side may collect wrong uptime values from some Windows systems;
  • Live side has preliminary support for "foreign languages". For example, cyrillic characters are not supported in PDF reports; cyrillic characters in TXT reports are stored in both cp-1251 and Unicode encodings.

See Also

Free version: Helix