DEFT (stands for Digital Evidence & Forensic Toolkit) is a Xubuntu Linux-based Computer Forensics live CD. It is designed to meet police, investigators, system administrator and Computer Forensics specialist’s needs.
DEFT uses the LXDE desktop environment and therefore it should no longer be considered as a Xubuntu customization.
Highlights of DEFT Linux 5:
· Linux kernel 2.6.31 (Xubuntu);
· Nessus 4 security scanner;
· Support for popular file systems;
· Support for LVM (Logical Volume Manager);
· Support for ewflib and afflib;
· Added Xplico, Kismet, Ettercap, NMap and Wireshark network forensics tools;
· Added Scalpel, PhotoRec and Foremost carving tools;
· Added Rootkit Hunter, chkrootkit and Exploit Scanner tools;
· Added the Outgess steganography detection application;
· Added recordmydesktop for desktop recording and capture;
· Added TrID, the file type identifier tool;
· Updated Ophcrack to latest version;
· Updated Clam anti-virus to version 4.15;
· Added the deft-mount script to easily mount devices;
· Added an advanced directory/files researcher tool.
Official Release Announcement