Difference between pages "Knoppix STD" and "Forensic Server Project"

From Forensics Wiki
(Difference between pages)
 
 
Line 1: Line 1:
{{Deprecated Software}}
+
{{Expand}}
  
 
{{Infobox_Software |
 
{{Infobox_Software |
   name = Knoppix STD |
+
   name = Forensic Server Project |
   maintainer = [[STD project]] |
+
   maintainer = [[Harlan Carvey]] |
   os = [[Linux]] |
+
   os = {{Windows}} |
   genre = {{Live CD}}, {{Incident response}} |
+
   genre = {{Incident response}} |
 
   license = {{GPL}} |
 
   license = {{GPL}} |
   website = [http://s-t-d.org/ s-t-d.org/] |
+
   website = [http://sourceforge.net/projects/windowsir/ sourceforge.net/projects/windowsir/] |
 
}}
 
}}
 
Knoppix STD is a [[computer forensics]] / [[Incident Response|incident response]] [[Live CD]] based on Knoppix.
 
 
== Tools ==
 
 
=== Forensics ===
 
 
* [[Sleuthkit]] 1.66 : extensions to The Coroner's Toolkit forensic toolbox.
 
* autopsy 1.75 : Web front-end to TASK. Evidence Locker defaults to /mnt/evidence
 
* biew : binary viewer
 
* bsed : binary stream editor
 
* consh : logged shell (from F.I.R.E.)
 
* coreography : analyze core files
 
* dcfldd : US DoD Computer Forensics Lab version of dd
 
* fenris : code debugging, tracing, decompiling, reverse engineering tool
 
* fatback : Undelete FAT files
 
* foremost : recover specific file types from disk images (like all JPG files)
 
* ftimes : system baseline tool (be proactive)
 
* galleta : recover Internet Explorer cookies
 
* hashdig : dig through hash databases
 
* hdb : java decompiler
 
* mac-robber : TCT's graverobber written in C
 
* [[md5deep]] : run md5 against multiple files/directories
 
* memfetch : force a memory dump
 
* pasco : browse IE index.dat
 
* photorec : grab files from digital cameras
 
* readdbx : convert Outlook Express .dbx files to mbox format
 
* readoe : convert entire Outlook Express .directory to mbox format
 
* rifiuti : browse Windows Recycle Bin INFO2 files
 
* secure_delete : securely delete files, swap, memory....
 
* testdisk : test and recover lost partitions
 
* wipe : wipe a partition securely. good for prep'ing a partition for dd
 
* and other typical system tools used for forensics (dd, lsof, strings, grep, etc.)
 
  
 
== External Links ==
 
== External Links ==
 
+
* [http://sourceforge.net/projects/windowsir/ Project site]
* [http://s-t-d.org/ Official Site]
+
* [http://forum.s-t-d.org/ Support Forum]
+

Latest revision as of 04:46, 18 January 2014

Please help to improve this article by expanding it.
Further information might be found on the discussion page.

Forensic Server Project
Maintainer: Harlan Carvey
OS: Windows
Genre: Incident Response
License: GPL
Website: sourceforge.net/projects/windowsir/

External Links