Hello World!
We can finally announce that the stable version of DEFT Zero is available!
DEFT Zero is a light version of Deft specifically designed to the forensic acquisition of the digital evidence.

Among the biggest features: the support to NVMExpress memories (Mac Book ed. 2015), the eMMC memories and the UEFI support.
For the full list of new features please refer to the manual available by clicking on the link below.

Download DEFT Zero (2017.1) – MD5: 8f3896cf01d375868972c1ca31d5214d
Download manual in english

To put DEFT Zero onto an USB drive, refer to this page.

—

(Image: Dwayne Bent – https://www.flickr.com/photos/zengei/7317420838 – Creative Commons)

During the fourth edition of DEFTCON 2015 in Rome last April 17 (more than 200 people, high level of teaching) in collaboration with ISACA chapter of Rome and Tech & Law Center, DEFT Zero is finally ready and released in RC mode (release candidate).

This mini distro dedicated to acquisitions of medias, implements  the new system of write blocking amply explained into the new DEFT Zero user manuals released on this site.

Ecco il programma definitivo della quarta conferenza nazionale del sistema DEFT organizzata dall’ASSOCIAZIONE NO PROFIT DEFT.

DEFT CONFERENCE 2015
17 aprile 2015, ore 9.30-18.00
Aula Magna Odeion – Edificio di Lettere e filosofia
piazzale Aldo Moro 5, Roma

Evento organizzato in collaborazione con ISACA Roma e patrocinato da La Sapienza – Dipartimento di Informatica e Tech and Law Center

Moderatore: Emilio Casalini (Giornalista)

Ore 9:30 – Saluti del Presidente DEFTA e introduzione alla conferenza
Stefano Fratepietro (Presidente Associazione No profit DEFT)
Ore 9:45 – Presentazione del progetto DEFT Zero
DEFT dev team
Ore 10:30 – Extracting WebInject Signatures from Banking Trojans
Federico Maggi (Assistant Professor Politecnico di Milano)

Ore 11:00 – Coffe Break

Ore 11:15 – Riciclaggio e Anti riciclaggio nell’era dei Bitcoin, aspetti tecnici e giuridici
Stefano Capaccioli (Commercialista) e Paolo Dal Checco (Consulente di Digital Forensics)

Ore 12:00 – La cyber-security nel 2020: l’impatto delle tecnologie sulla vita dei cittadini e la prevenzione dei futuri crimini informatici
Stefano Mele (Avvocato)
Ore 12:30 – Monitoring DNS traffic  to identify malware and APTs (intervento in inglese)
Dave Piscitello (Vice President, Security and ICT Coordination of ICANN)

Ore 13:00 – Pausa pranzo

Ore 14:30 –PCI DSS Forensics. Soggetti, strumenti e metodi dell’investigazione digitale
Giuseppe Serafini (Avvocato, ISO/IEC 27001 Lead Auditor)

Ore 15:00 – Analisi forense dell’utilizzo di Tor Browser in ambiente Windows
Mattia Epifani (DFA)

Ore 15:30 – European Antitrust Forensic IT Tools
Nino Verde (La Sapienza)

Side event organizzato in collaborazione con Tech and Law Center

Ore 16:00 – Tavola rotonda: discussione aperta sulla robotica e IoT nell’era della Digital Forensics
Giuseppe Vaciago, Giovanni Battista Gallus, Federico Maggi, Paolo Dal Checco

Ore 17:30 – Saluti finali e ringraziamenti

Partecipa a DEFTCON 2015!

L’evento è gratuito con iscrizione obbligatoria

In the last few months we have a little AWOL. We didn’t meet the DEFT ZERO deadlines and we apologize for that.

What’s DEFT ZERO? This new mini DEFT distro is fully optimized for the acquisition and hashing of mass storage devices, in just 400 MB! Due DEFT Zero’s light weight and the fact that it can be loaded entirely into RAM at computer boot, it allows you virtually to turn any computer (even a really obsolete one) into a storage media cloner device.

The project is at an advanced  stage of development: in other words DEFT Zero is almost ready! Now, therefore, we decided to release the final public BETA of DEFT Zero. Why is it still in beta? Because it currently has a bug (we’re about to solve it) on cloning of mass storage hard disc with a Linux LVM. Despite the alteration does not change time references or files status, we strongly recommend to not use deft zero to acquire this kind of device.

Enjoy DEFT Zero!

Hello!

Here it’s hot, in Italy as well as in other Countries, a lot of people are on vacation, but only now – I’m sorry for that – I found the time to fix the known issues of DEFT 8.1.

DEFT 8.2 is the latest release of DEFT 8. What has been fixed?

Fixed a bug that in some conditions prevented the system to be installed;
Fixed the bug of DNS on /etc/resolv.conf;
Fixed the bug of the apt-get sources.list;
Improved device recognition in live-mode;
Updated all packages to the latest Ubuntu release available for Quantal.

The next release, DEFT 10, celebrating the first decade of the DEFT project, will be presented during the fourth edition of DEFTCON.

DEFT 8.2.iso: md5 8a70f61507251355153cbe94809323dd

Enjoy your holidays! Enjoy DEFT!

Stefano

The Vmware virtual appliance of DEFT 8.1 is ready for download.

Download here

Please, remember that the default password of the user root is “deft”.

During the third national conference DEFTCON (231 registered attendees!!!) we presented DEFT 8.1.

What’s new:

• File Manager: we Implemented the disk mount’s status. ( if the disk is mounted in RO/mode  the eject button will be green, if it’s RW/mode (a futher confermation will be required before going in this mode) the eject button will be orange,
• Full support for Bitlocker encrypted disks (thanks libbde!),
• The Sleuthkit 4.1.3,
• Digital Forensics Framework 1.3,
• Full support for Android and iOS 7.1 logical acquisitions ( libmobiledevice & adb ),
• JD GUI,
• Skype Extractor 0.1.8.8,
• Maltego 3.4 Tungsten,
• a new version of the OSINT browser,
• Fixed a bug in the /etc/apt/sources.list,
• full update of the deft packages and DART 2 software and tools,

You can download the DEFT 8.1 ISO here ( Md5: 76bad80c7ea1552c9bd97bcca5de8d50 )

You can download the DART 2 – 2014 stand alone here

We will soon release the DEFT 8.1’s VMware Virtual Appliance!