DEFT 7 is based on the new Kernel 3 (Linux side) and on DART (Digital Advanced Response Toolkit), which collects the best freeware Windows Computer Forensic tools. It’s a new concept of Computer Forensic system that uses LXDE as its desktop environment, WINE to run Windows tools under Linux, and mount manager as its device management tool.
It is a very professional and stable system that includes excellent hardware detection and the best free and open source applications dedicated to Incident Response, Cyber Intelligence and Computer Forensics.
DEFT is meant to be used by:
- IT Auditors
DEFT is 100% made in Italy
Hello! Valerio Leomporra created two dd images of a DEFT USB pen, one for 2GB devices and one for 4GB devices.

If you tried to build your own DEFT v7.x USB pendrive starting from the ISO by using some Windows automated tools (e.g. UNetbootin, PenDriveLinux tools or whatever), you have most probably realized it won’t boot correctly. While this approach is quite easily effective with many other Linux distros, it simply doesn’t work with the latest DEFT live.

This is mainly due to the huge compressed filesystem (squashfs), which is directly loop-mounted from the media at boot time: loopback files should be contiguous and unfragmented. Even the large number of DART files and directories could fragment/damage the FAT16/FAT32 USB partition, if not carefully managed.

That’s why we created and just published an “official” pendrive dd-image series, ready to download and flash to your favorite USB device.

Minimal requirements:
- a working Linux system (DeftLinux Live on ISO is excellent)
- a USB pendrive device, 4GB recommended / 2GB minimal (deprecated, few of DART’s tools included)

Instructions:
1) download the needed .dd.gz file from mirrors, to a working Linux machine:
   75c0cecce7a549db945704672ef5c935 * DeftPen_v710-usb_4gb.dd.gz
   ba4af8c7972a2a91dd418af6aa7f84ab * DeftPen_v710-usb_2gb.dd.gz (deprecated)
2) verify hashes, decompress, verify again (large files, twice is better):
   md5sum *.dd.gz; gzip -d *.dd.gz; md5sum *.dd
3) plug in your USB device, ensure it is NOT mounted in your system
4) write down its device name, e.g. /dev/sdx (please notice there isn’t any trailing number)
5) flash your device:
   dd if=DeftPen_v710-usb_?gb.dd of=/dev/sdx ; sync
6) reboot the system to test your new pendrive

Lastly, if confident with the forensic tools, you can also do everything via a single line:
   gzip -dc DeftPen_v710-usb_?gb.dd.gz | dcfldd hash=md5 of=/dev/sdx ; sync
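A guarded version of steps 2 to 5 above, as an added example that is not part of the DEFT post or its tooling: it checks the published MD5 of the .dd.gz, refuses partition nodes and mounted devices, then writes the image and reads it back. The function names and the DRY_RUN and MOUNTS variables are assumptions of this sketch, and it only recognises /dev/sdX-style device names.

```sh
#!/bin/sh
# Added example: safety checks around the gzip | dd flashing step.
# Function names, DRY_RUN and MOUNTS are assumptions of this sketch.

# Succeed only if FILE's MD5 equals the published value (case-insensitive).
verify_md5() {
    actual=$(md5sum "$1" | cut -d' ' -f1)
    want=$(printf '%s' "$2" | tr 'A-F' 'a-f')
    [ -n "$actual" ] && [ "$actual" = "$want" ]
}

# Accept a whole-disk node such as /dev/sdx; reject partitions (/dev/sdx1).
is_whole_disk() {
    case $1 in
        /dev/sd[a-z] | /dev/sd[a-z][a-z]) return 0 ;;
        *) return 1 ;;
    esac
}

# Succeed if DEV or one of its partitions is listed in the mounts table $2.
is_mounted() {
    awk -v d="$1" '$1 == d || $1 ~ ("^" d "[0-9]+$") { hit = 1 }
                   END { exit !hit }' "${2:-/proc/mounts}"
}

# Check, write, then read the device back and compare with the image.
flash_image() {
    gz=$1; dev=$2; published=$3
    verify_md5 "$gz" "$published" || { echo "hash mismatch: $gz" >&2; return 1; }
    is_whole_disk "$dev" || { echo "not a whole disk: $dev" >&2; return 1; }
    if is_mounted "$dev" "${MOUNTS:-/proc/mounts}"; then
        echo "$dev is mounted, unmount it first" >&2; return 1
    fi
    if [ "${DRY_RUN:-0}" = 1 ]; then return 0; fi   # checks only, no write
    img_md5=$(gzip -dc "$gz" | md5sum | cut -d' ' -f1)
    size=$(gzip -dc "$gz" | wc -c | tr -d ' ')
    gzip -dc "$gz" | dd of="$dev" bs=4M || return 1
    sync
    back=$(head -c "$size" "$dev" | md5sum | cut -d' ' -f1)
    [ "$back" = "$img_md5" ] || { echo "read-back mismatch on $dev" >&2; return 1; }
}

# Usage: sh flash.sh IMAGE.dd.gz /dev/sdx PUBLISHED_MD5
if [ "$#" -eq 3 ]; then flash_image "$@"; fi
```

The read-back can be served from the page cache; re-plugging the device before reading it gives a check against the media itself.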
http://www.deftlinux.net/projects/dhash/

Hi People,

Many of you may have noticed that the deft 7.1 ISO has been online since March 30 without any public announcement. We apologize for that: we were all engaged in the organization of deftcon Conference 2012 held in Turin 2012. It was a great success: over 200 people actively participated in the event!

The new features for deft 7.1 are:

Bug Fix:
- Hb4most and xterm’s problem fixed
- Gparted

Updated packages:
- libewf-20120304
- bulk_extractor-1.2.0.tar.gz
- guymager 0.6.5-1
- iPhone Backup Analyzer 10/2012
- Xplico 1.0

Computer Forensics side new tools:
- UsnJrnl-parser
- lslnk

New implementations

After the great work done by Emanuele Gentili and Sandro Rossetti, we are delighted to introduce to you the Cyber Intelligence side implementations, and we’d like to remind you that today there is no other freely distributed system that allows you to perform Intelligence tasks:

OSINT
- “OSINT Chrome browser”: we customized Chrome with several plugins and resources to perform ‘Open Source Intelligence’ related activities

Network Information Gathering
- Host
- Nslookup
- Dig
- Nmap
- Zenmap
- Netcat
- Snmpcheck
- Nbtscan
- Cadaver
- Traceroute
- Hping3
- Xprobe
- Scapy
- Netdiscover

Wireless Information Gathering
- Kismet

Web Application Information Gathering
- Whatweb
- Cmsident
- Dirbuster
- Burpsuite
- Customized Chrome Browser (at least 1GB RAM required)

Social Information Gathering
- Creepy
- Snmpcheck
- PieSpy
- Irssi

Identity Protection Tools
- TOR-Browser
- Anonymouse (http://anonymouse.org/anonwww.html)

OSINT Global Framework
- Maltego
- Proactive Resources

Please Enjoy DEFT 7.1 at least as much as we love to keep it running!