Difference between revisions of "DEFT Linux 2"
From Forensics Wiki
(Added some links) |
|||
| Line 14: | Line 14: | ||
'''Deft v2 computer and network forensic packages list:''' | '''Deft v2 computer and network forensic packages list:''' | ||
| − | : - | + | : - [[Sleuthkit]], collection of UNIX-based command line tools that allow you to investigate a computer |
| − | : - | + | : - [[Autopsy]], graphical interface to the command line digital investigation tools in The Sleuth Kit |
| − | : - | + | : - [[AFF]] lib, advanced forensic format |
: - gpart, tool which tries to guess the primary partition table of a PC-type hard disk | : - gpart, tool which tries to guess the primary partition table of a PC-type hard disk | ||
: - dd rescue, copy data from one file or block device to another | : - dd rescue, copy data from one file or block device to another | ||
| − | : - foremost, console program to recover files based on their headers, footers, and internal data structures | + | : - [[foremost]], console program to recover files based on their headers, footers, and internal data structures |
: - hex dump, combined hex and ascii dump of any file | : - hex dump, combined hex and ascii dump of any file | ||
: - khex edit, a versatile and customizable hex editor | : - khex edit, a versatile and customizable hex editor | ||
| Line 49: | Line 49: | ||
: - krdc | : - krdc | ||
: - rdesktop | : - rdesktop | ||
| − | : - | + | : - [[VMware]] client |
: - samba client | : - samba client | ||
: - open SSH client & server | : - open SSH client & server | ||
: - speedcrunch | : - speedcrunch | ||
Revision as of 14:15, 3 May 2007
| DEFT v2 Linux | |
|---|---|
| Maintainer: | Stefano Fratepietro |
| OS: | Linux |
| Genre: | Live CD |
| License: | GPL, others |
| Website: | [1] |
DEFT v2 is a Live CD built on top of Kubuntu 7.04 with the best tools for Computer Forensic and incident response.
Tools included
Deft v2 computer and network forensic packages list:
- - Sleuthkit, collection of UNIX-based command line tools that allow you to investigate a computer
- - Autopsy, graphical interface to the command line digital investigation tools in The Sleuth Kit
- - AFF lib, advanced forensic format
- - gpart, tool which tries to guess the primary partition table of a PC-type hard disk
- - dd rescue, copy data from one file or block device to another
- - foremost, console program to recover files based on their headers, footers, and internal data structures
- - hex dump, combined hex and ascii dump of any file
- - khex edit, a versatile and customizable hex editor
- - steg detect, a steganography detection software
- - outguess, a stegano tool
- - ophcrack, Windows password recovery
- - wireshark, network sniffer
- - ettercap, network sniffer
- - nessus, vulnerability and security scanner (client)
- - nessusd, vulnerability and security scanner (server)
- - nmap, the best network scanner
- - airsnort, wireless LAN (WLAN) tool which recovers encryption keys
- - kismet, sniffer and intrusion detection system that work with any wireless card
- - dmraid, discover software RAID devices
- - testdisk, tool to recover damaged partitions
- - qtparted, a Partition Magic clone written in C++ using the Qt toolkit
- - vinetto, tool to examine Thumbs.db files
- - trID, tool to identify file types from their binary signatures
- - readpst, a tools to read ms-Outlook pst files
- - john, john the ripper password cracker
- - clam, anti virus
Deft v2 utility package list:
- - linux Kernel 2.6.20
- - lkDE 3.5.6
- - k3b
- - krdc
- - rdesktop
- - VMware client
- - samba client
- - open SSH client & server
- - speedcrunch
