LUK
24-12-2007, 16:48
La distribución DEFT (Digital Evidence & Forensic Toolkit) es un live Cd basado en la distribución Xubuntu. Esto hace que sea muy fácil de usar, además de incluir una excelente detección del hardware.
Algunas de las mejoras para esta nueva versión son las siguientes:
Basado en Xubuntu 7.10 core
2 nuevos modos de arranque
Requiere solo 30MB RAM de memoria en modo texto y 80 MB en modo grafico
El automontado de dispositivos está desactivado por defecto
Se pueden montar particiones ntfs en modo ro y rw
Soporte para truecrypt y otros sistemas de encriptado
Afflib 3.0.4
Autopsy 2.08
Dhash, uyna herramienta para trabajar con múltiples hashs tool con estimación de tiempo
Snmpwalk, nping y iperf tools
Trid, el mejor identificador de archivos binarios
clam av antivirus
ophcrack
El sofware que incluye es el siguiente:
sleuthkit, collection of UNIX-based command line tools that allow you to investigate a computer
autopsy, graphical interface to the command line digital investigation tools in The Sleuth Kit
dhash, multi hash tool
aff lib, advanced forensic format
gpart, tool which tries to guess the primary partition table of a PC-type hard disk
dd rescue, copy data from one file or block device to another
foremost, console program to recover files based on their headers, footers, and internal data structures
scalpel, carving tool
wipe
hex dump, combined hex and ascii dump of any file
khex edit, a versatile and customizable hex editor
steg detect, a steganography detection software
outguess, a stegano tool
ophcrack, Windows password recovery
wireshark, network sniffer
ettercap, network sniffer
nessus, vulnerability and security scanner, client
nessusd, vulnerability and security scanner, server
nmap, the best network scanner
airsnort, wireless LAN (WLAN) tool which recovers encryption keys
kismet, sniffer and intrusion detection system that work with any wireless card
dmraid, discover software RAID devices
testdisk, tool to recover damaged partitions
qtparted, a Partition Magic clone written in C++ using the Qt toolkit
vinetto, tool to examine Thumbs.db files
trID, tool to identify file types from their binary signatures
readpst, a tools to read ms-Outlook pst files
snmpwalk
chkrootkit, Checks for signs of rootkits on the local system
rkhunter, rootkit, backdoor, sniffer and exploit scanner
john, john the ripper password cracker
clam, antivirus
DEFT v3, caracteristicas:
linux Kernel 2.6.22
XFCE 4
vino
rdesktop
samba
nfs
open SSH client & server
ntfs3g
iperf
nping
truecrypt, fuse, encfs and sshfs file system support
mc
speedcrunch
Mas info: http://deft.yourside.it/
Descargar DEFT (http://na.mirror.garr.it/mirrors/deft/deftv3.iso)
DEFT conference @ Smau 2007 e-Accademy:
http://www.youtube.com/watch?v=IYXi1C70m_A
Algunas de las mejoras para esta nueva versión son las siguientes:
Basado en Xubuntu 7.10 core
2 nuevos modos de arranque
Requiere solo 30MB RAM de memoria en modo texto y 80 MB en modo grafico
El automontado de dispositivos está desactivado por defecto
Se pueden montar particiones ntfs en modo ro y rw
Soporte para truecrypt y otros sistemas de encriptado
Afflib 3.0.4
Autopsy 2.08
Dhash, uyna herramienta para trabajar con múltiples hashs tool con estimación de tiempo
Snmpwalk, nping y iperf tools
Trid, el mejor identificador de archivos binarios
clam av antivirus
ophcrack
El sofware que incluye es el siguiente:
sleuthkit, collection of UNIX-based command line tools that allow you to investigate a computer
autopsy, graphical interface to the command line digital investigation tools in The Sleuth Kit
dhash, multi hash tool
aff lib, advanced forensic format
gpart, tool which tries to guess the primary partition table of a PC-type hard disk
dd rescue, copy data from one file or block device to another
foremost, console program to recover files based on their headers, footers, and internal data structures
scalpel, carving tool
wipe
hex dump, combined hex and ascii dump of any file
khex edit, a versatile and customizable hex editor
steg detect, a steganography detection software
outguess, a stegano tool
ophcrack, Windows password recovery
wireshark, network sniffer
ettercap, network sniffer
nessus, vulnerability and security scanner, client
nessusd, vulnerability and security scanner, server
nmap, the best network scanner
airsnort, wireless LAN (WLAN) tool which recovers encryption keys
kismet, sniffer and intrusion detection system that work with any wireless card
dmraid, discover software RAID devices
testdisk, tool to recover damaged partitions
qtparted, a Partition Magic clone written in C++ using the Qt toolkit
vinetto, tool to examine Thumbs.db files
trID, tool to identify file types from their binary signatures
readpst, a tools to read ms-Outlook pst files
snmpwalk
chkrootkit, Checks for signs of rootkits on the local system
rkhunter, rootkit, backdoor, sniffer and exploit scanner
john, john the ripper password cracker
clam, antivirus
DEFT v3, caracteristicas:
linux Kernel 2.6.22
XFCE 4
vino
rdesktop
samba
nfs
open SSH client & server
ntfs3g
iperf
nping
truecrypt, fuse, encfs and sshfs file system support
mc
speedcrunch
Mas info: http://deft.yourside.it/
Descargar DEFT (http://na.mirror.garr.it/mirrors/deft/deftv3.iso)
DEFT conference @ Smau 2007 e-Accademy:
http://www.youtube.com/watch?v=IYXi1C70m_A