A specialized Linux distribution CAINE 11.0 has been released, which is designed to conduct forensic analysis and search for hidden information. This live build is based on Ubuntu 18.04, supports UEFI Secure Boot and ships with Linux 5.0 kernel.
The distribution kit allows you to analyze the residual information after hacking on Unix and Windows systems. The set comes with a large number of utilities for work. Separately, we note the specialized tool WinTaylor for OS analysis from Redmond.
Other utilities include GtkHash, Air, SSdeep, HDSentinel, Bulk Extractor, Fiwalk, ByteInvestigator, Autopsy, Foremost, Scalpel, Sleuthkit, Guymager, DC3DD, as well as scripts for the Caja file manager that allow you to check all FS components, including disk partitions, Windows registry, metadata and deleted files.
The new system supports mounting read-only partitions by default. Also, the distribution has reduced boot time, and the boot image can be copied to RAM. Utilities have been added to retrieve data from memory dumps and residual information from disk images.
You can download the new product from the link. The distribution kit will be useful to system administrators, computer forensic experts, forensic experts and information security specialists.
Source: linux.org.ru