Release of CAINE 11.0, a distribution for uncovering hidden data

CAINE 11.0 (Computer Aided INvestigative Environment) has been released. It is a specialized Live distribution designed for forensic analysis, for finding hidden and deleted data on disks, and for identifying residual information needed to reconstruct the picture of a system compromise. The distribution is based on Ubuntu and provides a single graphical interface, built on the MATE shell, for managing a set of assorted utilities for examining Unix and Windows systems. Loading the Live image into RAM is supported. The bootable iso image is 4.1 GB (x86_64).

The distribution includes tools such as GtkHash, Air (Automated Image & Restore), SSdeep, HDSentinel (Hard Disk Sentinel), Bulk Extractor, Fiwalk, ByteInvestigator, Autopsy, Foremost, scalpel, Sleuthkit, guymager and DC3DD. Also worth noting is WinTaylor, a system developed within the project for thorough analysis of Windows systems and for generating detailed reports on all recorded anomalies. The distribution also includes a selection of helper scripts for the Caja file manager (a Nautilus fork), which let you run various checks on a disk partition or directory, view a list of deleted files, and parse structured content such as browser history, the Windows registry, and images with EXIF metadata.

Major new features:

  • The release is built on the Ubuntu 18.04 package base, supports UEFI Secure Boot and ships with the Linux 5.0 kernel;
  • To prevent accidental writes, all block devices are now set to read-only by default. To switch a device to writable mode, the BlockON utility is provided in the graphical interface;
  • Boot time has been reduced;
  • Added the ability to boot by copying the boot image into RAM;
  • New versions of OSINT, Autopsy 4.13, APFS and BTRFS forensic tools;
  • Added support for NVMe SSDs;
  • The SSH server is disabled by default;
  • Integrated the scrcpy tool for controlling an Android device (screen capture) over USB or TCP/IP;
  • Added the X11VNC Server for remote management of CAINE;
  • Added the AutoMacTc tool for forensic analysis of macOS-based systems;
  • Added the Autotimeliner utility for automatically extracting information about user activity from a memory dump;
  • Added the Firmwalker firmware analyzer;
  • Added the CDQR (Cold Disk Quick Response) utility for extracting residual data from disk images;
  • Added a set of tools for Windows.

Source: opennet.ru