DEFT Linux - Computer Forensics live cd
Matriux - The Open Source Security-Oriented Distribution for Ethical Hackers and Pentesters
BlackArch Linux - Penetration Testing Distribution
Open Computer Forensics Architecture
Linux LEO
Secured Distributions - Security, Forensics, Privacy
As of Dec 11, 2011, the author, in an invaluable effort, tries to keep the list of versions up to date, as is desirable. However, to take one example, the LPS (Lightweight Portable Security) distro appears here with 1.2.4 of Sep. 19, 2011 as its latest version, when the most recent as of the date of this article is actually 1.3.1 of Nov. 11 of this year. In any case this is not a major issue, since the links to each project's official site are here for keeping up with updates. This is a list of the most recognized Linux distributions with excellent reputations, notable under three criteria: Security, Privacy and Forensics. Any suggestion to complement or supplement this list of tools is welcome in the comments.
Astaro Security Linux: A firewall and VPN product.
BackBox Linux: BackBox is based on Ubuntu.
BackTrack
SIFT Kit/Workstation: Investigative Forensic Toolkit Download
SANS Investigative Forensic Toolkit (SIFT) Workstation Version 3.0
Download SIFT Workstation VMware Appliance Now - 1.5 GB
Having trouble downloading? If you are having trouble downloading the SIFT Kit, please contact sift-support@sans.org and include the URL you were given, your IP address, browser type, and whether you are using a proxy of any kind.
Having trouble with SIFT 3? How To: Download Ubuntu 14.04 ISO file and install Ubuntu 14.04 on any system. -> Once installed, open a terminal and run "wget --quiet -O - | sudo bash -s -- -i -s -y" Congrats -- you now have a SIFT workstation!!
SIFT Workstation 3.0 Overview
An international team of forensics experts, led by SANS Faculty Fellow Rob Lee, created the SANS Investigative Forensic Toolkit (SIFT) Workstation and made it available to the whole community as a public service.
Key new features of SIFT 3.0 include:
Manual SIFT 3.0 Installation
penguinsleuth.org - Home Tools CTF Security Consulting Services
Redline, Mandiant’s premier free tool, provides host investigative capabilities to users to find signs of malicious activity through memory and file analysis, and the development of a threat assessment profile. With Redline, users can:
- Thoroughly audit and collect all running processes and drivers from memory, file system metadata, registry data, event logs, network information, services, tasks, and web history.
- Analyze and view imported audit data, including narrowing and filtering results around a given timeframe using Redline’s Timeline functionality with the TimeWrinkle™ and TimeCrunch™ features.
- Streamline memory analysis with a proven workflow for analyzing malware based on relative priority.
- Identify processes more likely worth investigating based on the Redline Malware Risk Index (MRI) score.
- Perform Indicator of Compromise (IOC) analysis.
Want more information about Redline?
Current Version: Redline 1.12
Release Date: June 9, 2014
File Size: 66.2 MB
Integrity Hashes:
Autopsy Forensic
Easy to Use: Autopsy was designed to be intuitive out of the box. Installation is easy and wizards guide you through every step.
Extensible: Autopsy was designed to be an end-to-end platform with modules that come with it out of the box and others that are available from third-parties.
Timeline Analysis - Advanced graphical event viewing interface (video tutorial included). See the Features page for more details.
Fast: Everyone wants results yesterday.
Cost Effective: Autopsy is free.