Helix3 Pro
From Forensics Wiki
| Helix3 Pro | |
|---|---|
| Maintainer: | e-fense |
| OS: | Linux,Windows,Mac OS X |
| Genre: | Live CD |
| License: | GPL, others |
| Website: | e-fense.com |
Helix3 Pro is a Live CD built on top of Ubuntu. It focuses on incident response and computer forensics.
Tools Included
- Live side for Mac OS X, Windows and Linux
- A bootable forensically sound environment (based on Ubuntu)
Open source forensic tools include:
- dc3dd
- aimage
- The Sleuth Kit (3.0.1, with "light" version of Autopsy, with libewf support)
- foremost
- Volatility
- Several tools for mobile phone forensics
Other tools include:
Forensic Issues
- Helix3 Pro will automount Ext3 / Ext4 file systems during the boot process and recover them if required (bug in initrd scripts);
- Helix3 Pro can automount some storage devices like firewire devices and MMC in read/write mode;
- Helix3 Pro relies on file system drivers to provide write protection, mounting some file system types (e.g. XFS) will result in several data writes to the original media.
See Also
Free version: Helix3
