Here we list every machine and resource we're using in our virtual lab. You can set up your own mobile lab.

Resources

Virtual Machines

  • CERT ADIA - The CERT Appliance for Digital Investigations and Analysis is a prebuilt Fedora VM containing many forensics tools.
    • Here is a PowerPoint presentation with instructions for setting up the VM.
  • SANS SIFT - The SANS Investigative Forensic Toolkit is an Ubuntu-based machine containing many forensic tools. It is provided as a prebuilt VM (recommended) and as an ISO file. The ISO file can be used to install the OS or to run SIFT in live mode.
    • Here is a PowerPoint presentation with instructions for setting up the VM using both the prebuilt VM and the ISO.
  • BackTrack 5 R2 - BT can be used either as a place to launch tools or as a live CD.
  • Helix3 - Helix is a live CD that contains many useful tools for forensics and incident response.

Tools

  • Bulk_extractor is a fast and thorough open-source forensic tool.
  • BE_Viewer is the user interface for viewing data extracted by bulk_extractor.
  • The SEI Tool Suite is a useful set of tools for forensic investigations.
  • CryptHunter