Packets list

DEFT v4 computer and network forensic packages list:

  • sleuthkit, collection of UNIX-based command line tools that allow you to investigate a computer
  • autopsy, graphical interface to the command line digital investigation tools in The Sleuth Kit
  • dhash, multi hash tool
  • aff lib, advanced forensic format
  • gpart, tool which tries to guess the primary partition table of a PC-type hard disk
  • guymager, a fast and most user friendly forensic imager
  • dd rescue, copy data from one file or block device to another
  • dcfldd, copy data from one file or block device to another with more functions
  • dc3dd, patched version of GNU dd to include a number of features useful for computer forensics
  • linen, Linux version of the industry- standard DOS-based EnCase acquisition tool
  • foremost, console program to recover files based on their headers, footers, and internal data structures
  • photorec, easy carving tool
  • scalpel, carving tool
  • wipe
  • hex dump, combined hex and ascii dump of any file
  • khex edit, a versatile and customizable hex editor
  • steg detect, a steganography detection software
  • outguess, a stegano tool
  • ophcrack, Windows password recovery
  • xplico, advanced network analyzer
  • wireshark, network sniffer
  • ettercap, network sniffer
  • nessus, vulnerability and security scanner, client
  • nessusd, vulnerability and security scanner, server
  • nmap, the best network scanner
  • kismet, sniffer and intrusion detection system that work with any wireless card
  • dmraid, discover software RAID devices
  • testdisk, tool to recover damaged partitions
  • qtparted, a Partition Magic clone written in C++ using the Qt toolkit
  • vinetto, tool to examine Thumbs.db files
  • trID, tool to identify file types from their binary signatures
  • readpst, a tools to read ms-Outlook pst files
  • snmpwalk
  • chkrootkit, Checks for signs of rootkits on the local system
  • rkhunter, rootkit, backdoor, sniffer and exploit scanner
  • john, john the ripper password cracker
  • clam, antivirus
DEFT v4 extra:
  • fau
  • ftk imager
  • cli utils
  • windows (2k, xp, 2k3, and vista) system files
  • notepad++
  • hex edit
  • gvim
  • file zilla
  • firefox
  • putty
  • thight vnc
  • winscp
  • audacity
  • infrarecorder
  • virtualdub
  • vlc
  • softperfect network scanner
  • win32 whois
  • windump
  • abiword
  • sumatra
  • clamav
  • rootkit revealer
  • rootkitty
  • 7zip
  • netcat
  • pc inspector file recovery
  • regviewer
  • secure eraser
  • winmd5
  • windows registry recover
  • xenon file manager
DEFT v4 features list:
  • incorruptibility of the partitions
  • incorruptibility of the swap spaces
  • linux Kernel 2.6.27
  • xfce 4
  • apt-get system
  • vino
  • rdesktop
  • open afs client
  • samba client
  • open SSH client & server
  • ntfs3g
  • lvm support
  • speedcrunch