DEFT Linux 1

From ForensicsWiki
Revision as of 14:25, 16 November 2008 by .FUF (Talk | contribs)

Jump to: navigation, search
DEFT v1 Linux
Maintainer: Stefano Fratepietro
OS: Linux
Genre: Live CD
License: GPL, others
Website: [1]

DEFT v1 is a Live CD built on top of Kubuntu 6.10 with the best tools for Computer Forensic and incident response.

Tools included

Deft computer and network forensic packages list:

- sleuthkit, collection of UNIX-based command line tools that allow you to investigate a computer
- autopsy, graphical interface to the command line digital investigation tools in The Sleuth Kit
- aff lib, advanced forensic format
- gpart, tool which tries to guess the primary partition table of a PC-type hard disk
- dd rescue, copy data from one file or block device to another
- foremost, console program to recover files based on their headers, footers, and internal data structures
- hex dump, combined hex and ascii dump of any file
- khex edit, a versatile and customizable hex editor
- steg detect, a steganography detection software
- outguess, a stegano tool
- ophcrack, Windows password recovery
- wireshark, network sniffer
- ettercap, network sniffer
- nessus, vulnerability and security scanner
- nmap, the best network scanner
- airsnort, wireless LAN (WLAN) tool which recovers encryption keys
- kismet, sniffer and intrusion detection system that work with any wireless card
- dmraid, discover software RAID devices
- testdisk, tool to recover damaged partitions
- qtparted, a Partition Magic clone written in C++ using the Qt toolkit
- vinetto, tool to examine Thumbs.db files
- trID, tool to identify file types from their binary signatures
- readpst, a tools to read ms-Outlook pst files

Deft utility package list:

- linux Kernel 2.6.17
- lkDE 3.5.5
- k3b
- samba client
- open SSH client & server

and mutch more...

External Links