CAINE 9.0 Linux Helps Investigators With Computer Security Forensics

While there are many security-focused Linux distributions on the market, one distribution distinguishes itself by targeting forensic investigators. Instead of penetration testing tools, CAINE—which is an acronym for Computer Aided INvestigative Environment and was updated to version 9.0 on Oct. 25—is loaded with applications and tools to help investigators find the clues and data points that are required for computer security forensics. Among the tools that are included in the CAINE 9.0 Quantum release are memory, database and network analysis applications. One such new tool is RegRipper, which enables researchers to extract and parse information from an operating system registry. In this slide show, eWEEK examines this and other key features of CAINE 9.

CAINE 9.0 Quantum Is Based on Ubuntu Linux

At the core of CAINE 9.0 is an Ubuntu 16.04 base operating system, using the MATE open-source Linux desktop.

RegRipper Parses Windows Registry Files

Among the new tools added to CAINE 9.0 is the open-source RegRipper forensic software application. RegRipper enables security researchers to extract and parse information from the Windows registry for further analysis.

Harvester Collects Information

The Harvester tool collects information about domains and email accounts by examining different public sources.

Tinfoleak Performs Twitter Analysis

As part of security reconnaissance, researchers often want and need to collect as much information as possible, including information from social media sources. The Tinfoleak tool helps to collect information and attributes about Twitter users.

Infoga Also Gathers Information

Another new tool in CAINE 9 that helps security researchers with reconnaissance activities is Infoga, which collects information from a given target domain.

VolDiff Identifies Malware Memory Threats

The VolDiff tool assists researchers with malware memory footprint analysis. VolDiff makes use of the open-source Volatility framework.

CAINE Can Perform a Digital Autopsy

CAINE 9.0 also includes the Autopsy Forensic Browser, which is a graphical interface to the Sleuth Kit's command-line file system analysis tools.
