CAINE Linux Distribution Helps Investigators With Forensic Analysis

1 - CAINE Linux Distribution Helps Investigators With Forensic Analysis
2 - CAINE Can Be Used as a Live System
3 - The MATE Linux Desktop Is the Default
4 - Memory, Database, Mobile and Network Forensics Tools Are Included
5 - Analyze Memory With the Volatility Memory Forensics Analysis Platform
6 - Inception Is a Memory Manipulation Tool
7 - Mobile Forensics Tools Include an iOS Backup Analyzer
8 - Autopsy Provides Forensic Browsing Capabilities
9 - Data Recovery Is a Key Part of Forensic Investigations
10 - Guymager Captures Forensic Images
11 - Network Forensics Is Enabled With Wireshark
1 of 11

CAINE Linux Distribution Helps Investigators With Forensic Analysis

by Sean Michael Kerner

2 of 11

CAINE Can Be Used as a Live System

For cases where an operating system cannot be installed onto a machine, CAINE can be run as a live system directly for a CD or USB device.

3 of 11

The MATE Linux Desktop Is the Default

CAINE 6 uses the MATE desktop environment, providing users with main operating system navigation items along the bottom of the screen.

4 of 11

Memory, Database, Mobile and Network Forensics Tools Are Included

Forensic investigations typically involve multiple forms of analysis and data collection. To that end, CAINE 6 includes multiple sets of tools to assist investigators with memory, mobile and network forensics as well as database analysis.

5 of 11

Analyze Memory With the Volatility Memory Forensics Analysis Platform

The Volatility Memory Forensics Analysis Platform included in CAINE 6 enables users to examine system memory.

6 of 11

Inception Is a Memory Manipulation Tool

Different types of investigations sometime require investigators to be able to manipulate physical memory, which is where the Inception tool comes into play.

7 of 11

Mobile Forensics Tools Include an iOS Backup Analyzer

CAINE 6 includes the iP Backup Analyzer 2.0, which is an open-source tool for Apple iOS backup data analysis.

8 of 11

Autopsy Provides Forensic Browsing Capabilities

Autopsy is a forensic browsing tool to help investigators find out what happened on a given system.

9 of 11

Data Recovery Is a Key Part of Forensic Investigations

In many types of forensic investigations, there is a need to recover data. CAINE 6 includes the PhotoRec data recovery utility to help investigators get data back.

10 of 11

Guymager Captures Forensic Images

The Guymager application in CAINE 6 enables researchers to grab a data image of a target device or hard drive location.

11 of 11

Network Forensics Is Enabled With Wireshark

Network analysis is a key part of many forensic investigations. The open-source Wireshark application is a network packet sniffer that can collect packets for protocol analysis.

Top White Papers and Webcasts