1. CAINE 9.0 Linux Helps Investigators With Computer Security Forensics
While there are many security-focused Linux distributions on the market, one distribution distinguishes itself by targeting forensic investigators. Instead of penetration testing tools, CAINE—which is an acronym for Computer Aided INvestigative Environment and was updated to version 9.0 on Oct. 25—is loaded with applications and tools to help investigators find the clues and data points that are required for computer security forensics. Among the tools that are included in the CAINE 9.0 Quantum release are memory, database and network analysis applications. One such new tool is RegRipper, which enables researchers to extract and parse information from an operating system registry. In this slide show, eWEEK examines this and other key features of CAINE 9.
2. CAINE 9.0 Quantum Is Based on Ubuntu Linux
3. RegRipper Parses Windows Registry Files
4. Harvester Collects Information
5. Tinfoleak Performs Twitter Analysis
6. Infoga Also Gathers Information
7. VolDiff Identifies Malware Memory Threats
8. CAINE Can Perform a Digital Autopsy
CAINE 9.0 also includes the Autopsy Forensic Browser, which is a graphical interface to the Sleuth Kit’s command-line filesystem analysis tools.