Difference between revisions of "Knoppix STD"

From ForensicsWiki
(New page: {{Infobox_Software | name = Knoppix STD | maintainer = | os = | genre = {{Live CD}} | license = {{GPL}} | website = [http://s-t-d.org/ s-t-d.org/] | }} Knoppix STD is a [[Co...)
 
Line 8: Line 8:
 
}}
 
}}
  
Knoppix STD is a [[Computer Forensics|computer forensics]] / [[Incident Response|incident response]] [[live CD]] based on Knoppix.
+
Knoppix STD is a [[computer forensics]] / [[Incident Response|incident response]] [[Live CD]] based on Knoppix.
  
 
== Tools ==
 
== Tools ==
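
Review bot: In the changed intro line, replacing `[[Computer Forensics|computer forensics]]` with `[[computer forensics]]` changes the link target, not just the markup. MediaWiki normalizes only the first letter of a page title, so the new link resolves to "Computer forensics" rather than "Computer Forensics". Confirm that a page or redirect exists at the new title, or keep the piped form. The `[[live CD]]` to `[[Live CD]]` change points at the same page and only alters the displayed capitalization.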

Revision as of 05:53, 4 August 2007

Knoppix STD
Maintainer:
OS:
Genre: Live CD
License: GPL
Website: s-t-d.org/

Knoppix STD is a computer forensics / incident response Live CD based on Knoppix.

Tools

Forensics

  • Sleuthkit 1.66 : extensions to The Coroner's Toolkit forensic toolbox.
  • autopsy 1.75 : Web front-end to TASK. Evidence Locker defaults to /mnt/evidence
  • biew : binary viewer
  • bsed : binary stream editor
  • consh : logged shell (from F.I.R.E.)
  • coreography : analyze core files
  • dcfldd : US DoD Computer Forensics Lab version of dd
  • fenris : code debugging, tracing, decompiling, reverse engineering tool
  • fatback : Undelete FAT files
  • foremost : recover specific file types from disk images (like all JPG files)
  • ftimes : system baseline tool (be proactive)
  • galleta : recover Internet Explorer cookies
  • hashdig : dig through hash databases
  • hdb : Java decompiler
  • mac-robber : TCT's graverobber written in C
  • md5deep : run md5 against multiple files/directories
  • memfetch : force a memory dump
  • pasco : browse IE index.dat
  • photorec : grab files from digital cameras
  • readdbx : convert Outlook Express .dbx files to mbox format
  • readoe : convert entire Outlook Express .directory to mbox format
  • rifiuti : browse Windows Recycle Bin INFO2 files
  • secure_delete : securely delete files, swap, memory...
  • testdisk : test and recover lost partitions
  • wipe : wipe a partition securely. Good for prepping a partition for dd
  • and other typical system tools used for forensics (dd, lsof, strings, grep, etc.)

External Links